[packages/logwatch] - rel 2; add patches from FC
arekm
arekm at pld-linux.org
Mon May 14 11:10:23 CEST 2018
commit f2782825fcfcaac04708815903280f8563df88c5
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Mon May 14 11:10:14 2018 +0200
- rel 2; add patches from FC
logwatch-journal.patch | 95 ++++++++++++++++++++++++++++++++++++++++
logwatch-journald-source.patch | 38 ++++++++++++++++
logwatch-postfix.patch | 49 +++++++++++++++++++++
logwatch-secure-userhelper.patch | 25 +++++++++++
logwatch-sshd-2.patch | 26 +++++++++++
logwatch-sshd.patch | 26 +++++++++++
logwatch-vsftpd.patch | 62 ++++++++++++++++++++++++++
logwatch.spec | 16 ++++++-
8 files changed, 336 insertions(+), 1 deletion(-)
---
diff --git a/logwatch.spec b/logwatch.spec
index 0d7ac12..d04c962 100644
--- a/logwatch.spec
+++ b/logwatch.spec
@@ -3,7 +3,7 @@ Summary: Analyzes system logs
Summary(pl.UTF-8): Logwatch - analizator logów systemowych
Name: logwatch
Version: 7.4.3
-Release: 1
+Release: 2
License: MIT
Group: Applications/System
Source0: http://downloads.sourceforge.net/logwatch/%{name}-%{version}.tar.gz
@@ -18,6 +18,13 @@ Source5: %{name}.tmpwatch
Patch0: %{name}-log_conf.patch
Patch1: %{name}-archives.patch
Patch2: %{name}-exim.patch
+Patch3: logwatch-journald-source.patch
+Patch4: logwatch-journal.patch
+Patch5: logwatch-postfix.patch
+Patch6: logwatch-secure-userhelper.patch
+Patch7: logwatch-sshd.patch
+Patch8: logwatch-sshd-2.patch
+Patch9: logwatch-vsftpd.patch
URL: http://www.logwatch.org/
BuildRequires: rpm-perlprov
Requires: crondaemon
@@ -47,6 +54,13 @@ użyciu i może pracować na większości systemów.
%patch0 -p1
%patch1 -p1
%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
# cleanup backups after patching
find '(' -name '*~' -o -name '*.orig' ')' -print0 | xargs -0 -r -l512 rm -f
diff --git a/logwatch-journal.patch b/logwatch-journal.patch
new file mode 100644
index 0000000..a51c99e
--- /dev/null
+++ b/logwatch-journal.patch
@@ -0,0 +1,95 @@
+commit 23e714ad43285d59c5b5852ef2c6013593d64671
+Author: bjorn <bjorn1 at users.sourceforge.net>
+Date: Sun May 15 13:49:08 2016 -0700
+
+ [journalctl] Added shared script contributed by Mark Grimes.
+
+diff --git a/scripts/shared/journalctl b/scripts/shared/journalctl
+new file mode 100755
+index 0000000..1627fd4
+--- /dev/null
++++ b/scripts/shared/journalctl
+@@ -0,0 +1,83 @@
++#!/usr/bin/perl
++#
++# The purpose of this script is to pass the output of the journalctl
++# command to the logwatch parsers. The corresponding conf/logfile
++# can be simple. The following example shows a logfile with two lines:
++# LogFile = /dev/null
++# *JournalCtl = "--output=cat --unit=service_name.service"
++#
++# In the example above, the arguments to the JournalCtl command are
++# passed to the journalctl system command. It is advised to delimit
++# the arguments in double quotes to preserve mixed case, if
++# applicable.
++
++use strict;
++use warnings;
++
++eval "use Date::Manip";
++my $hasDM = $@ ? 0 : 1;
++
++# logwatch passes arguments as one string delimited by single quotes
++my @args = split(" ", $ARGV[0]);
++my @range = get_range( $ENV{LOGWATCH_DATE_RANGE} );
++
++my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0;
++
++if ($Debug > 5) {
++ warn join " ", 'journalctl', @args, @range, "\n";
++}
++
++system( 'journalctl', @args, @range );
++
++sub get_range {
++ my $range = lc( shift || 'all' );
++ my @range;
++
++ if ( !$range || $range eq 'all' ) {
++ @range = ();
++ } elsif ( $range eq 'yesterday' ) {
++ push @range, '--since', 'yesterday', '--until', 'today';
++ } elsif ( $range eq 'today' ) {
++ push @range, '--since', 'today', '--until', 'tomorrow';
++ } elsif ($hasDM) {
++
++ # Strip off any period
++ $range =~
++ s/for\s+(?:those|that|this)\s+((year|month|day|hour|minute|second)s?)\s*$//;
++
++ # Look for between x and y
++ my ( $range1, $range2 ) =
++ ( $range =~ /^between\s+(.*)\s+and\s+(.*)\s*$/ );
++
++ # Look for since x
++ if ( $range =~ /^\s*since\s+/ ) {
++ ($range1) = ( $range =~ /\s*since\s+(.*)/ );
++ $range2 = "now";
++ }
++
++ # Now convert to journalctl friendly dates
++ if ( $range1 && $range2 ) {
++
++ # Parse dates
++ my $date1 = ParseDate($range1);
++ my $date2 = ParseDate($range2);
++
++ # Switch if date2 is before date1
++ if ( $date1 && $date2 and Date_Cmp( $date1, $date2 ) > 0 ) {
++ my $switch_date = $date1;
++ $date1 = $date2;
++ $date2 = $switch_date;
++ }
++
++ # If we ask for 1/1 to 1/2, we mean 1/2 inclusive. DM returns
++ # 1/2 00:00:00. So we add 1 day to the end time.
++ $date2 = DateCalc( $date2, '1 day' );
++
++ my $fmt = "%Y-%m-%d %H:%M:%S";
++ push @range, '--since', UnixDate( $date1, $fmt ), '--until',
++ UnixDate( $date2, $fmt );
++ }
++ }
++
++ return @range;
++}
diff --git a/logwatch-journald-source.patch b/logwatch-journald-source.patch
new file mode 100644
index 0000000..43109b8
--- /dev/null
+++ b/logwatch-journald-source.patch
@@ -0,0 +1,38 @@
+commit ed6eb62f40cb97f71f3df4d982682de68cdf1037
+Author: Stefan Jakobs <projects at localside.net>
+Date: Tue May 31 23:34:11 2016 +0200
+
+ support journald as source
+
+diff --git a/scripts/services/syslog-ng b/scripts/services/syslog-ng
+old mode 100755
+new mode 100644
+index dcd1692..d78c835
+--- a/scripts/services/syslog-ng
++++ b/scripts/services/syslog-ng
+@@ -1,5 +1,5 @@
+ ###########################################################################
+-# $Id$
++# $Id: syslog-ng 280 2014-12-24 15:29:13Z stefjakobs $
+ ###########################################################################
+
+ ###########################################################################
+@@ -168,7 +168,7 @@ while (defined($ThisLine = <STDIN>)) {
+ $Stats_dest{$processed[$i+1]} =
+ $Stats_dest{$processed[$i+1]} + $processed[$i+2];
+ } elsif ($processed[$i] eq "source" || $processed[$i] eq "src.internal" ||
+- $processed[$i] eq 'src.none' ) {
++ $processed[$i] eq 'src.none' || $processed[$i] eq 'src.journald') {
+ $Stats_source{$processed[$i+1]} =
+ $Stats_source{$processed[$i+1]} + $processed[$i+2];
+ } elsif ($processed[$i] eq "global") {
+@@ -366,7 +366,8 @@ if (keys %Stats_center || keys %Stats_dest || keys %Stats_source ||
+ $lost_rcvd = 0 - $Stats_center{received};
+ map {
+ # skip 'src#X' as this seams to be aggregated into 'src'
+- $lost_rcvd = $lost_rcvd + $Stats_source{$_} unless ($_ =~ /src#\d+/);
++ # skip 'journal' as this is not counted.
++ $lost_rcvd = $lost_rcvd + $Stats_source{$_} unless ($_ =~ /(?:src#\d+|journal)/);
+ } keys %Stats_source;
+ }
+ if ($Stats_center{queued} && %Stats_dest) {
diff --git a/logwatch-postfix.patch b/logwatch-postfix.patch
new file mode 100644
index 0000000..06b2cfe
--- /dev/null
+++ b/logwatch-postfix.patch
@@ -0,0 +1,49 @@
+From eb8c0256997b8d7f2cccdd37ab78674fe9c769c1 Mon Sep 17 00:00:00 2001
+From: Jan Synacek <jsynacek at redhat.com>
+Date: Tue, 10 May 2016 13:34:05 +0200
+Subject: [PATCH] postfix: fix column alignment in output
+
+Some sections are clearly longer than 23 chars, which might result in a
+misaligned output:
+
+ 3602 Connections 3,602
+ 82 Connections lost (inbound) 82
+ 3602 Disconnections 3,602
+
+ 12 Timeouts (inbound) 12
+ 16 DNS lookup errors 16
+ 46 Hostname verification errors (FCRDNS) 46
+ 49 SMTP protocol violations 49
+ 2154 TLS connections (server) 2,154
+
+Align to 39 chars now, which is currently the length of the longest
+description in the output table plus one.
+---
+ scripts/services/postfix | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/scripts/services/postfix b/scripts/services/postfix
+index 9f8e07f..ddd5968 100755
+--- a/scripts/services/postfix
++++ b/scripts/services/postfix
+@@ -1360,7 +1360,7 @@ sub print_summary_report (\@) {
+ my ($numfmt, $desc, $divisor) = ($sref->{FMT}, $sref->{TITLE}, $sref->{DIVISOR});
+
+ my $fmt = '%8';
+- my $extra = ' %25s';
++ my $extra = ' %9s';
+ my $total = $Totals{$keyname};
+
+ # Z format provides unitized or unaltered totals, as appropriate
+@@ -1383,7 +1383,7 @@ sub print_summary_report (\@) {
+ }
+ else {
+ push @{$lines[$cur_level]},
+- sprintf "$fmt %-23s $extra\n", $total, $desc, commify ($Totals{$keyname});
++ sprintf "$fmt %-39s $extra\n", $total, $desc, commify ($Totals{$keyname});
+ }
+ }
+ }
+--
+2.7.4
+
diff --git a/logwatch-secure-userhelper.patch b/logwatch-secure-userhelper.patch
new file mode 100644
index 0000000..c24360a
--- /dev/null
+++ b/logwatch-secure-userhelper.patch
@@ -0,0 +1,25 @@
+Fix misparsing of userhelper log entries for hddtemp that specify a device
+using a name that includes a slash (e.g. '/usr/sbin/hddtemp -n -q /dev/sda').
+Additional slashes after the process name confuse logwatch as it considers the
+last word behind the last slash the process' name.
+
+Author: Jan Synacek <jsynacek at redhat.com>
+RH-Bugzilla: #867290
+
+--- logwatch-svn110/scripts/services/secure.orig 2012-10-18 11:13:33.000000000 +0200
++++ logwatch-svn110/scripts/services/secure 2012-10-18 11:31:08.987571713 +0200
+@@ -843,8 +843,13 @@ if (keys %Executed_app) {
+ print "\nUserhelper executed applications:\n";
+ foreach (keys %Executed_app) {
+ ($longapp,$asuser,$user) = split ",";
++ $longapp_orig = $longapp;
++ $i = index($longapp, " ");
++ if ($i > 0) {
++ $longapp = substr($longapp, 0, $i);
++ }
+ $app = substr($longapp,rindex($longapp,"/")+1);
+- print " $user -> $app as $asuser: ".$Executed_app{"$longapp,$asuser,$user"}." Time(s)\n";
++ print " $user -> $app as $asuser: ".$Executed_app{"$longapp_orig,$asuser,$user"}." Time(s)\n";
+ }
+ }
+
diff --git a/logwatch-sshd-2.patch b/logwatch-sshd-2.patch
new file mode 100644
index 0000000..dee34e0
--- /dev/null
+++ b/logwatch-sshd-2.patch
@@ -0,0 +1,26 @@
+Resolves: #1317620
+
+--- logwatch-7.4.3/scripts/services/sshd 2017-08-29 09:16:47.087028191 +0200
++++ logwatch-7.4.3-new/scripts/services/sshd 2017-08-29 09:19:37.372081596 +0200
+@@ -297,7 +297,9 @@ while (defined(my $ThisLine = <STDIN>))
+ ($ThisLine =~ /Starting session: (forced-command|subsystem|shell|command)/ ) or
+ ($ThisLine =~ /Found matching \w+ key:/ ) or
+ ($ThisLine =~ /User child is on pid \d/ ) or
+- ($ThisLine =~ /Nasty PTR record .* is set up for [\da-fA-F.:]+, ignoring/)
++ ($ThisLine =~ /Nasty PTR record .* is set up for [\da-fA-F.:]+, ignoring/) or
++ ($ThisLine =~ /Exiting on signal .*$/) or
++ ($ThisLine =~ /Disconnected from (?:[^ ]*) port .*$/)
+ ) {
+ # Ignore these
+ } elsif ( my ($Method,$User,$Host,$Port,$Key) = ($ThisLine =~ /^Accepted (\S+) for ((?:invalid user )?\S+) from ([\d\.:a-f]+) port (\d+) ssh[12](?:: (\w+))?/) ) {
+@@ -387,7 +389,9 @@ while (defined(my $ThisLine = <STDIN>))
+ $RefusedConnections{$1}++;
+ } elsif ( my ($Reason) = ($ThisLine =~ /^Authentication refused: (.*)$/ ) ) {
+ $RefusedAuthentication{$Reason}++;
+- } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*) port [^ ]*: (.*)$/)) {
++ # Old format: Received disconnect from 192.168.122.1: 11: disconnected by user
++ # New format: Received disconnect from 192.168.122.1 port 43680:11: disconnected by user
++ } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*)(?: port \d+)?: ?(.*)$/)) {
+ # Reason 11 (SSH_DISCONNECT_BY_APPLICATION) is expected, and logged at severity level INFO
+ if ($Reason != 11) {$DisconnectReceived{$Reason}{$Host}++;}
+ } elsif ( my ($Host) = ($ThisLine =~ /^ROOT LOGIN REFUSED FROM ([^ ]*)$/)) {
diff --git a/logwatch-sshd.patch b/logwatch-sshd.patch
new file mode 100644
index 0000000..d97c5e2
--- /dev/null
+++ b/logwatch-sshd.patch
@@ -0,0 +1,26 @@
+From 256829aeb864a25a3542aaacfb2a7ff62b77e7f4 Mon Sep 17 00:00:00 2001
+From: Jan Synacek <jsynacek at redhat.com>
+Date: Tue, 15 Mar 2016 10:29:17 +0100
+Subject: [PATCH] sshd: fix unmatched entries because of the output change in
+ openssh-7.2p2
+
+---
+ scripts/services/sshd | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/scripts/services/sshd b/scripts/services/sshd
+index e238863..b94ea5a 100755
+--- a/scripts/services/sshd
++++ b/scripts/services/sshd
+@@ -387,7 +387,7 @@ while (defined(my $ThisLine = <STDIN>)) {
+ $RefusedConnections{$1}++;
+ } elsif ( my ($Reason) = ($ThisLine =~ /^Authentication refused: (.*)$/ ) ) {
+ $RefusedAuthentication{$Reason}++;
+- } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*): (.*)$/)) {
++ } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*) port [^ ]*: (.*)$/)) {
+ # Reason 11 (SSH_DISCONNECT_BY_APPLICATION) is expected, and logged at severity level INFO
+ if ($Reason != 11) {$DisconnectReceived{$Reason}{$Host}++;}
+ } elsif ( my ($Host) = ($ThisLine =~ /^ROOT LOGIN REFUSED FROM ([^ ]*)$/)) {
+--
+2.7.2
+
diff --git a/logwatch-vsftpd.patch b/logwatch-vsftpd.patch
new file mode 100644
index 0000000..86557d6
--- /dev/null
+++ b/logwatch-vsftpd.patch
@@ -0,0 +1,62 @@
+Correctly apply time filter when parsing vsftpd log messages.
+
+Author: Ivana Varekova <varekova at redhat.com>
+RH-Bugzilla: #217226
+
+--- logwatch-7.3.1/scripts/logwatch.pl.pom 2006-09-16 06:04:14.000000000 +0200
++++ logwatch-7.3.1/scripts/logwatch.pl 2006-11-29 13:16:22.000000000 +0100
+@@ -917,11 +917,16 @@
+ my $FilterText = " ";
+ foreach (sort keys %{$LogFileData{$LogFile}}) {
+ my $cmd = $_;
++
+ if ($cmd =~ s/^\d+-\*//) {
+ if (-f "$ConfigDir/scripts/shared/$cmd") {
+ $FilterText .= ("| $PerlVersion $ConfigDir/scripts/shared/$cmd '$LogFileData{$LogFile}{$_}'" );
+ } elsif (-f "$BaseDir/scripts/shared/$cmd") {
+- $FilterText .= ("| $PerlVersion $BaseDir/scripts/shared/$cmd '$LogFileData{$LogFile}{$_}'" );
++ if ($LogFile =~ /^vsftpd$/ ) {
++ $FilterText .= ("| $PerlVersion $BaseDir/scripts/shared/applyvsftpddate '$LogFileData{$LogFile}{$_}'" );
++ } else {
++ $FilterText .= ("| $PerlVersion $BaseDir/scripts/shared/$cmd '$LogFileData{$LogFile}{$_}'" );
++ }
+ } else {
+ die "Cannot find shared script $cmd\n";
+ }
+--- logwatch-7.3.1/scripts/shared/applyvsftpddate.pom 2006-11-29 13:13:28.000000000 +0100
++++ logwatch-7.3.1/scripts/shared/applyvsftpddate 2006-11-29 13:10:26.000000000 +0100
+@@ -0,0 +1,34 @@
++##########################################################################
++# $Id: applystddate,v 1.18 2005/10/22 00:19:56 bjorn Exp $
++##########################################################################
++
++########################################################
++# This was written and is maintained by:
++# Kirk Bauer <kirk at kaybee.org>
++#
++# Please send all comments, suggestions, bug reports,
++# etc, to logwatch-devel at logwatch.org
++########################################################
++
++use Logwatch ':dates';
++
++my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0;
++
++$SearchDate = TimeFilter('%b %e %H:%M:%S 20%y');
++
++# The date might be "Dec 09", but it needs to be "Dec 9"...
++#$SearchDate =~ s/ 0/ /;
++# The format of Fri Nov 29 20:59:09 2005
++
++if ( $Debug > 5 ) {
++ print STDERR "DEBUG: Inside ApplyStdDate...\n";
++ print STDERR "DEBUG: Looking For: " . $SearchDate . "\n";
++}
++
++while (defined($ThisLine = <STDIN>)) {
++ if ($ThisLine =~ m/(Mon|Tue|Wed|Thu|Fri|Sat|Sun) $SearchDate/o) {
++ print "$ThisLine";
++ }
++}
++
++# vi: shiftwidth=3 syntax=perl tabstop=3 et
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/logwatch.git/commitdiff/f2782825fcfcaac04708815903280f8563df88c5
More information about the pld-cvs-commit
mailing list