[packages/logwatch] - up to 7.5.1
arekm
arekm at pld-linux.org
Sat Mar 9 02:49:03 CET 2019
commit b80085625eacbfdf64fb9afad86c49cae8296a46
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Sat Mar 9 02:48:54 2019 +0100
- up to 7.5.1
logwatch-dovecot.patch | 14 ----
logwatch-exim.patch | 151 ---------------------------------------
logwatch-journal.patch | 95 ------------------------
logwatch-journald-source.patch | 38 ----------
logwatch-postfix.patch | 49 -------------
logwatch-secure-userhelper.patch | 25 -------
logwatch-sshd-2.patch | 26 -------
logwatch-sshd.patch | 26 -------
logwatch.spec | 24 ++-----
9 files changed, 5 insertions(+), 443 deletions(-)
---
diff --git a/logwatch.spec b/logwatch.spec
index 7283f89..f78e8c0 100644
--- a/logwatch.spec
+++ b/logwatch.spec
@@ -2,12 +2,12 @@
Summary: Analyzes system logs
Summary(pl.UTF-8): Logwatch - analizator logów systemowych
Name: logwatch
-Version: 7.4.3
-Release: 3
+Version: 7.5.1
+Release: 1
License: MIT
Group: Applications/System
Source0: http://downloads.sourceforge.net/logwatch/%{name}-%{version}.tar.gz
-# Source0-md5: 22bd22841caa45f12c605abc3e0c2b09
+# Source0-md5: 3d14fa6e0fb56f890d2b3fd9cbc3162f
# https://po2.uni-stuttgart.de/~rusjako/logwatch/default.html
Source1: https://po2.uni-stuttgart.de/~rusjako/logwatch/%{name}-syslog-ng.tar.gz
# Source1-md5: 2f834407b85080e8e6556d6182d245aa
@@ -17,15 +17,8 @@ Source4: %{name}.cron
Source5: %{name}.tmpwatch
Patch0: %{name}-log_conf.patch
Patch1: %{name}-archives.patch
-Patch2: %{name}-exim.patch
-Patch3: %{name}-journald-source.patch
-Patch4: %{name}-journal.patch
-Patch5: %{name}-postfix.patch
-Patch6: %{name}-secure-userhelper.patch
-Patch7: %{name}-sshd.patch
-Patch8: %{name}-sshd-2.patch
+
Patch9: %{name}-vsftpd.patch
-Patch10: %{name}-dovecot.patch
URL: http://www.logwatch.org/
BuildRequires: rpm-perlprov
Requires: crondaemon
@@ -54,15 +47,8 @@ użyciu i może pracować na większości systemów.
%setup -q -a1
%patch0 -p1
%patch1 -p1
-%patch2 -p1
-%patch3 -p1
-%patch4 -p1
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
+
%patch9 -p1
-%patch10 -p1
# cleanup backups after patching
find '(' -name '*~' -o -name '*.orig' ')' -print0 | xargs -0 -r -l512 rm -f
diff --git a/logwatch-dovecot.patch b/logwatch-dovecot.patch
deleted file mode 100644
index 372f4bf..0000000
--- a/logwatch-dovecot.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-recognize dovecot's imap logged-out lines:
-
-dovecot: imap(login)<10065><i/h0D7F2gKh/AAAB>: Logged out in=355 out=1202 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=0 body_bytes=0: 1 Time(s)
-
---- logwatch-7.4.3/scripts/services/dovecot~ 2016-04-27 22:14:01.000000000 +0200
-+++ logwatch-7.4.3/scripts/services/dovecot 2018-09-25 18:58:07.433333108 +0200
-@@ -141,6 +141,7 @@
- ($ThisLine =~ /auth-worker/) or
- ($ThisLine =~ /auth:.*: Connected to/) or
- ($ThisLine =~ /Connection closed/) or
-+ ($ThisLine =~ /Logged out/) or
- ($ThisLine =~ /IMAP.*: Connection closed bytes/) or
- ($ThisLine =~ /IMAP.* failed with mbox file/) or
- ($ThisLine =~ /discarded duplicate forward to/) or
diff --git a/logwatch-exim.patch b/logwatch-exim.patch
deleted file mode 100644
index 2c1796a..0000000
--- a/logwatch-exim.patch
+++ /dev/null
@@ -1,151 +0,0 @@
-diff -burN logwatch-7.4.3.orig/scripts/services/exim logwatch-7.4.3/scripts/services/exim
---- logwatch-7.4.3.orig/scripts/services/exim 2018-10-01 07:05:22.024890778 +0200
-+++ logwatch-7.4.3/scripts/services/exim 2018-10-01 06:54:35.467605334 +0200
-@@ -50,8 +50,8 @@
- $LvlBadFormat = $ENV{'exim_misformat'} || 0;
- $LvlRestarts = $ENV{'exim_restart'} || 5;
- $LvlVirus = $ENV{'exim_virus'} || 0;
--$LvlProtocl = $ENV{'exim_protocol'} || 0;
--$LvlProtoclLines = $ENV{'exim_protocol_lines'}|| 5;
-+$LvlProtocol = $ENV{'exim_protocol'} || 0;
-+$LvlProtocolLines = $ENV{'exim_protocol_lines'}|| 5;
- $LvlDontAccept = $ENV{'exim_dontaccept'} || 0;
- $LvlDontAcceptLines = $ENV{'exim_dontaccept_lines'} || 0;
- $LvlVerify = $ENV{'exim_verify'} || 0;
-@@ -80,16 +80,26 @@
- # IPv6 part could be made more strict
- my $IPAddress = qr/\d+\.\d+\.\d+\.\d+|[a-fA-F0-9]*:[a-fA-F0-9:]+/;
-
-+my $MatchedDate = 0;
-+
- while (defined($ThisLine = <STDIN>)) {
- chomp($ThisLine);
- # pobierz dzisiejsza date z 2002-03-31 22:13:48 ...
- # Collect this line's date, e.g. 2002-03-31 22:13:48 ...
- do {
-+ if ( $ThisLine =~ /^ Suggested action: use keep_environment./ ) {
-+ $KeepEnv++ if $MatchedDate;
-+ next;
-+ }
- $BadFormat{$ThisLine}++;
- next;
-- } unless ($year1,$month1,$day1,$h1,$m1,$s1) = ($ThisLine =~ /^(\d+)\-(\d+)\-(\d+)\s(\d+):(\d+):(\d+)\s.+/);
-+ } unless ($year1,$month1,$day1,$h1,$m1,$s1,$ms1) = ($ThisLine =~ /^(\d+)\-(\d+)\-(\d+)\s(\d+):(\d+):(\d+)(\.\d+)?\s.+/);
-
-- next unless $ThisLine =~ /^$SearchDate /o;
-+ unless ($ThisLine =~ /^$SearchDate /o) {
-+ $MatchedDate = 0;
-+ next;
-+ }
-+ $MatchedDate = 1;
-
- if ( $ThisLine =~ /End queue run\:/ ) {
- $EndQueue++;
-@@ -115,6 +125,9 @@
- elsif ( $ThisLine =~ /[Ss]ender verify fail/ ) {
- $SendVerify{$ThisLine}++;
- }
-+ elsif ( $ThisLine =~ /Warning: purging the environment./ ) {
-+ $Purging++;
-+ }
- elsif ( $ThisLine =~ /fragments administratively prohib/ ) {
- $DontAccept{$ThisLine}++;
- }
-@@ -206,6 +219,12 @@
- # Some hosts ask for TLS even when not offered (generalised to all cmds)
- $Proto{$ThisLine}++;
- }
-+ elsif ( $ThisLine =~ /TLS error on connection from (\S+) \(([^)]*)\) \[(\S+)\]:(\d+) I=\[(\S+)\]:(\d+) \(send\): Error in the push function\./ ) {
-+ # Ignore this, office 365 connector early disconnect.
-+ }
-+ elsif ( $ThisLine =~ /authenticator failed for/ ) {
-+ $Proto{$ThisLine}++;
-+ }
- elsif ( $ThisLine =~ /Connection from .* too many connections from that IP address/ ) {
- # Some hosts make lots of simultaneous connections
- # this is an extra error message when logging is high
-@@ -252,6 +271,14 @@
- $mmsg{$mid}{$licze.$mrest} = "$mdate $mtime";
-
- }
-+ elsif ( $ThisLine =~ /^\d+\-\d+\-\d+\s\d+\:\d+\:\d+\s(\[\d+\])?\s(\+\d+\s)?\w+\-\w+\-\w+\s/ ) { # inne wiadomosci przesylane przez EXIMA
-+ # Collect Message ID specific notes...
-+ ($mdate,$mtime,$mpid,$mid,$mrest) = ($ThisLine =~ /^(\d+\-\d+\-\d+)\s(\d+\:\d+\:\d+)\s(\[\d+\])?\s(?:\+\d+\s)?(\w+\-\w+\-\w+)(.+)/);
-+ # Count of individual Message Lines, used for sort
-+ $licze++; # Dodaje taki licznik aby potem przy wypisaniu posortowac po nim, bo wypisywal nie po kolei
-+ $mmsg{$mid}{$licze.$mrest} = "$mdate $mtime";
-+
-+ }
- else
- {
- $OtherList{$ThisLine}++;
-@@ -278,6 +305,13 @@
- }
- }
-
-+if ($Purging) {
-+ print " Warning: purging the environment. : $Purging Time(s)\n";
-+}
-+if ($KeepEnv) {
-+ print " ... Suggested action: use keep_environment. : $KeepEnv Time(s)\n";
-+}
-+
- if ($Detail >= $LvlRuns) {
- if (($StartQueue >0 ) or ($EndQueue > 0)) {
- print "\n--- Queue Runners ---\n";
-@@ -356,7 +390,7 @@
- # Link date and time (looks cleaner)...
- $aa = "$mdate $mtime";
- # Extract the REAL IP address...
-- ($bb) = ($ThisOne =~ m/\s\[($IPAddress)\]\s/);
-+ ($bb) = ($ThisOne =~ m/\s\[($IPAddress)\][\s:]/);
- # Exim >= 4.50 compiled with, WITH_CONTENT_SCAN=yes
- # Default warning looks like this...
- # rejected after DATA: This message contains a [vV]irus (%s).
-@@ -508,7 +542,7 @@
- }
- }
-
--if ($Detail >= $LvlProtocl) {
-+if ($Detail >= $LvlProtocol) {
- # Print Protocol Violations
- if (%Proto) {
- my (%spam);
-@@ -582,6 +616,10 @@
- $bb = $1;
- $SmtpConnection{$bb}++;
- }
-+ elsif ( $ThisOne =~ /authenticator failed for \([^)]*\) \[($IPAddress)\]:\d+ I=\[$IPAddress\]:\d+: (.*) \(/ ) {
-+ $bb = $1;
-+ $SmtpConnection{$bb}++;
-+ }
- elsif ( $ThisOne =~ /SMTP connection from/ ) {
- if ( $ThisOne =~ /lost while reading message data/ ) {
- $bb = "SMTP connection lost while reading message data";
-@@ -623,7 +661,7 @@
- }
- }
- foreach $ThisOne (sort(keys %spam)) {
-- if ($Detail >= $LvlProtoclLines) {
-+ if ($Detail >= $LvlProtocolLines) {
- print " $ThisOne:\n";
- foreach $aa ( sort( split /,/, $spam{$ThisOne} )) {
- print " $aa\n";
-@@ -647,7 +685,7 @@
- print "\n--- Failed Reverse Lookups \n";
- print "--- $ReverseLookup Time(s)\n\n";
-
-- if ($Detail >= $LvlProtoclLines) {
-+ if ($Detail >= $LvlProtocolLines) {
- foreach $ThisOne (@ReverseLookupH) {
- print " $ThisOne\n";
- }
-@@ -658,7 +696,7 @@
- print "\n--- Failed Reverse Lookups \n";
- print "--- (eg. spam try): $Lookup Time(s)\n\n";
-
-- if ($Detail >= $LvlProtoclLines) {
-+ if ($Detail >= $LvlProtocolLines) {
- foreach $ThisOne (@LookupH) {
- print "$ThisOne\n";
- }
diff --git a/logwatch-journal.patch b/logwatch-journal.patch
deleted file mode 100644
index a51c99e..0000000
--- a/logwatch-journal.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-commit 23e714ad43285d59c5b5852ef2c6013593d64671
-Author: bjorn <bjorn1 at users.sourceforge.net>
-Date: Sun May 15 13:49:08 2016 -0700
-
- [journalctl] Added shared script contributed by Mark Grimes.
-
-diff --git a/scripts/shared/journalctl b/scripts/shared/journalctl
-new file mode 100755
-index 0000000..1627fd4
---- /dev/null
-+++ b/scripts/shared/journalctl
-@@ -0,0 +1,83 @@
-+#!/usr/bin/perl
-+#
-+# The purpose of this script is to pass the output of the journalctl
-+# command to the logwatch parsers. The corresponding conf/logfile
-+# can be simple. The following example shows a logfile with two lines:
-+# LogFile = /dev/null
-+# *JournalCtl = "--output=cat --unit=service_name.service"
-+#
-+# In the example above, the arguments to the JournalCtl command are
-+# passed to the journalctl system command. It is advised to delimit
-+# the arguments in double quotes to preserve mixed case, if
-+# applicable.
-+
-+use strict;
-+use warnings;
-+
-+eval "use Date::Manip";
-+my $hasDM = $@ ? 0 : 1;
-+
-+# logwatch passes arguments as one string delimited by single quotes
-+my @args = split(" ", $ARGV[0]);
-+my @range = get_range( $ENV{LOGWATCH_DATE_RANGE} );
-+
-+my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0;
-+
-+if ($Debug > 5) {
-+ warn join " ", 'journalctl', @args, @range, "\n";
-+}
-+
-+system( 'journalctl', @args, @range );
-+
-+sub get_range {
-+ my $range = lc( shift || 'all' );
-+ my @range;
-+
-+ if ( !$range || $range eq 'all' ) {
-+ @range = ();
-+ } elsif ( $range eq 'yesterday' ) {
-+ push @range, '--since', 'yesterday', '--until', 'today';
-+ } elsif ( $range eq 'today' ) {
-+ push @range, '--since', 'today', '--until', 'tomorrow';
-+ } elsif ($hasDM) {
-+
-+ # Strip off any period
-+ $range =~
-+ s/for\s+(?:those|that|this)\s+((year|month|day|hour|minute|second)s?)\s*$//;
-+
-+ # Look for between x and y
-+ my ( $range1, $range2 ) =
-+ ( $range =~ /^between\s+(.*)\s+and\s+(.*)\s*$/ );
-+
-+ # Look for since x
-+ if ( $range =~ /^\s*since\s+/ ) {
-+ ($range1) = ( $range =~ /\s*since\s+(.*)/ );
-+ $range2 = "now";
-+ }
-+
-+ # Now convert to journalctl friendly dates
-+ if ( $range1 && $range2 ) {
-+
-+ # Parse dates
-+ my $date1 = ParseDate($range1);
-+ my $date2 = ParseDate($range2);
-+
-+ # Switch if date2 is before date1
-+ if ( $date1 && $date2 and Date_Cmp( $date1, $date2 ) > 0 ) {
-+ my $switch_date = $date1;
-+ $date1 = $date2;
-+ $date2 = $switch_date;
-+ }
-+
-+ # If we ask for 1/1 to 1/2, we mean 1/2 inclusive. DM returns
-+ # 1/2 00:00:00. So we add 1 day to the end time.
-+ $date2 = DateCalc( $date2, '1 day' );
-+
-+ my $fmt = "%Y-%m-%d %H:%M:%S";
-+ push @range, '--since', UnixDate( $date1, $fmt ), '--until',
-+ UnixDate( $date2, $fmt );
-+ }
-+ }
-+
-+ return @range;
-+}
diff --git a/logwatch-journald-source.patch b/logwatch-journald-source.patch
deleted file mode 100644
index 43109b8..0000000
--- a/logwatch-journald-source.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-commit ed6eb62f40cb97f71f3df4d982682de68cdf1037
-Author: Stefan Jakobs <projects at localside.net>
-Date: Tue May 31 23:34:11 2016 +0200
-
- support journald as source
-
-diff --git a/scripts/services/syslog-ng b/scripts/services/syslog-ng
-old mode 100755
-new mode 100644
-index dcd1692..d78c835
---- a/scripts/services/syslog-ng
-+++ b/scripts/services/syslog-ng
-@@ -1,5 +1,5 @@
- ###########################################################################
--# $Id$
-+# $Id: syslog-ng 280 2014-12-24 15:29:13Z stefjakobs $
- ###########################################################################
-
- ###########################################################################
-@@ -168,7 +168,7 @@ while (defined($ThisLine = <STDIN>)) {
- $Stats_dest{$processed[$i+1]} =
- $Stats_dest{$processed[$i+1]} + $processed[$i+2];
- } elsif ($processed[$i] eq "source" || $processed[$i] eq "src.internal" ||
-- $processed[$i] eq 'src.none' ) {
-+ $processed[$i] eq 'src.none' || $processed[$i] eq 'src.journald') {
- $Stats_source{$processed[$i+1]} =
- $Stats_source{$processed[$i+1]} + $processed[$i+2];
- } elsif ($processed[$i] eq "global") {
-@@ -366,7 +366,8 @@ if (keys %Stats_center || keys %Stats_dest || keys %Stats_source ||
- $lost_rcvd = 0 - $Stats_center{received};
- map {
- # skip 'src#X' as this seams to be aggregated into 'src'
-- $lost_rcvd = $lost_rcvd + $Stats_source{$_} unless ($_ =~ /src#\d+/);
-+ # skip 'journal' as this is not counted.
-+ $lost_rcvd = $lost_rcvd + $Stats_source{$_} unless ($_ =~ /(?:src#\d+|journal)/);
- } keys %Stats_source;
- }
- if ($Stats_center{queued} && %Stats_dest) {
diff --git a/logwatch-postfix.patch b/logwatch-postfix.patch
deleted file mode 100644
index 06b2cfe..0000000
--- a/logwatch-postfix.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From eb8c0256997b8d7f2cccdd37ab78674fe9c769c1 Mon Sep 17 00:00:00 2001
-From: Jan Synacek <jsynacek at redhat.com>
-Date: Tue, 10 May 2016 13:34:05 +0200
-Subject: [PATCH] postfix: fix column alignment in output
-
-Some sections are clearly longer than 23 chars, which might result in a
-misaligned output:
-
- 3602 Connections 3,602
- 82 Connections lost (inbound) 82
- 3602 Disconnections 3,602
-
- 12 Timeouts (inbound) 12
- 16 DNS lookup errors 16
- 46 Hostname verification errors (FCRDNS) 46
- 49 SMTP protocol violations 49
- 2154 TLS connections (server) 2,154
-
-Align to 39 chars now, which is currently the length of the longest
-description in the output table plus one.
----
- scripts/services/postfix | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/scripts/services/postfix b/scripts/services/postfix
-index 9f8e07f..ddd5968 100755
---- a/scripts/services/postfix
-+++ b/scripts/services/postfix
-@@ -1360,7 +1360,7 @@ sub print_summary_report (\@) {
- my ($numfmt, $desc, $divisor) = ($sref->{FMT}, $sref->{TITLE}, $sref->{DIVISOR});
-
- my $fmt = '%8';
-- my $extra = ' %25s';
-+ my $extra = ' %9s';
- my $total = $Totals{$keyname};
-
- # Z format provides unitized or unaltered totals, as appropriate
-@@ -1383,7 +1383,7 @@ sub print_summary_report (\@) {
- }
- else {
- push @{$lines[$cur_level]},
-- sprintf "$fmt %-23s $extra\n", $total, $desc, commify ($Totals{$keyname});
-+ sprintf "$fmt %-39s $extra\n", $total, $desc, commify ($Totals{$keyname});
- }
- }
- }
---
-2.7.4
-
diff --git a/logwatch-secure-userhelper.patch b/logwatch-secure-userhelper.patch
deleted file mode 100644
index c24360a..0000000
--- a/logwatch-secure-userhelper.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-Fix misparsing of userhelper log entries for hddtemp that specify a device
-using a name that includes a slash (e.g. '/usr/sbin/hddtemp -n -q /dev/sda').
-Additional slashes after the process name confuse logwatch as it considers the
-last word behind the last slash the process' name.
-
-Author: Jan Synacek <jsynacek at redhat.com>
-RH-Bugzilla: #867290
-
---- logwatch-svn110/scripts/services/secure.orig 2012-10-18 11:13:33.000000000 +0200
-+++ logwatch-svn110/scripts/services/secure 2012-10-18 11:31:08.987571713 +0200
-@@ -843,8 +843,13 @@ if (keys %Executed_app) {
- print "\nUserhelper executed applications:\n";
- foreach (keys %Executed_app) {
- ($longapp,$asuser,$user) = split ",";
-+ $longapp_orig = $longapp;
-+ $i = index($longapp, " ");
-+ if ($i > 0) {
-+ $longapp = substr($longapp, 0, $i);
-+ }
- $app = substr($longapp,rindex($longapp,"/")+1);
-- print " $user -> $app as $asuser: ".$Executed_app{"$longapp,$asuser,$user"}." Time(s)\n";
-+ print " $user -> $app as $asuser: ".$Executed_app{"$longapp_orig,$asuser,$user"}." Time(s)\n";
- }
- }
-
diff --git a/logwatch-sshd-2.patch b/logwatch-sshd-2.patch
deleted file mode 100644
index dee34e0..0000000
--- a/logwatch-sshd-2.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-Resolves: #1317620
-
---- logwatch-7.4.3/scripts/services/sshd 2017-08-29 09:16:47.087028191 +0200
-+++ logwatch-7.4.3-new/scripts/services/sshd 2017-08-29 09:19:37.372081596 +0200
-@@ -297,7 +297,9 @@ while (defined(my $ThisLine = <STDIN>))
- ($ThisLine =~ /Starting session: (forced-command|subsystem|shell|command)/ ) or
- ($ThisLine =~ /Found matching \w+ key:/ ) or
- ($ThisLine =~ /User child is on pid \d/ ) or
-- ($ThisLine =~ /Nasty PTR record .* is set up for [\da-fA-F.:]+, ignoring/)
-+ ($ThisLine =~ /Nasty PTR record .* is set up for [\da-fA-F.:]+, ignoring/) or
-+ ($ThisLine =~ /Exiting on signal .*$/) or
-+ ($ThisLine =~ /Disconnected from (?:[^ ]*) port .*$/)
- ) {
- # Ignore these
- } elsif ( my ($Method,$User,$Host,$Port,$Key) = ($ThisLine =~ /^Accepted (\S+) for ((?:invalid user )?\S+) from ([\d\.:a-f]+) port (\d+) ssh[12](?:: (\w+))?/) ) {
-@@ -387,7 +389,9 @@ while (defined(my $ThisLine = <STDIN>))
- $RefusedConnections{$1}++;
- } elsif ( my ($Reason) = ($ThisLine =~ /^Authentication refused: (.*)$/ ) ) {
- $RefusedAuthentication{$Reason}++;
-- } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*) port [^ ]*: (.*)$/)) {
-+ # Old format: Received disconnect from 192.168.122.1: 11: disconnected by user
-+ # New format: Received disconnect from 192.168.122.1 port 43680:11: disconnected by user
-+ } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*)(?: port \d+)?: ?(.*)$/)) {
- # Reason 11 (SSH_DISCONNECT_BY_APPLICATION) is expected, and logged at severity level INFO
- if ($Reason != 11) {$DisconnectReceived{$Reason}{$Host}++;}
- } elsif ( my ($Host) = ($ThisLine =~ /^ROOT LOGIN REFUSED FROM ([^ ]*)$/)) {
diff --git a/logwatch-sshd.patch b/logwatch-sshd.patch
deleted file mode 100644
index d97c5e2..0000000
--- a/logwatch-sshd.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 256829aeb864a25a3542aaacfb2a7ff62b77e7f4 Mon Sep 17 00:00:00 2001
-From: Jan Synacek <jsynacek at redhat.com>
-Date: Tue, 15 Mar 2016 10:29:17 +0100
-Subject: [PATCH] sshd: fix unmatched entries because of the output change in
- openssh-7.2p2
-
----
- scripts/services/sshd | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/scripts/services/sshd b/scripts/services/sshd
-index e238863..b94ea5a 100755
---- a/scripts/services/sshd
-+++ b/scripts/services/sshd
-@@ -387,7 +387,7 @@ while (defined(my $ThisLine = <STDIN>)) {
- $RefusedConnections{$1}++;
- } elsif ( my ($Reason) = ($ThisLine =~ /^Authentication refused: (.*)$/ ) ) {
- $RefusedAuthentication{$Reason}++;
-- } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*): (.*)$/)) {
-+ } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*) port [^ ]*: (.*)$/)) {
- # Reason 11 (SSH_DISCONNECT_BY_APPLICATION) is expected, and logged at severity level INFO
- if ($Reason != 11) {$DisconnectReceived{$Reason}{$Host}++;}
- } elsif ( my ($Host) = ($ThisLine =~ /^ROOT LOGIN REFUSED FROM ([^ ]*)$/)) {
---
-2.7.2
-
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/logwatch.git/commitdiff/b80085625eacbfdf64fb9afad86c49cae8296a46
More information about the pld-cvs-commit
mailing list