[Logcheck-commits] Gerfried Fuchs: Rule changes pulled from 1.3 branch: upsd, su

Gerfried Fuchs alfie at alioth.debian.org
Mon Feb 9 20:17:52 UTC 2009 

Module: logcheck
Branch: 1.2
Commit: 073c11b7ddbc36af94e8f023299b167a80c52be3
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=073c11b7ddbc36af94e8f023299b167a80c52be3

Author: Gerfried Fuchs <rhonda at debian.at>
Date:   Mon Feb  9 17:55:29 2009 +0100

Rule changes pulled from 1.3 branch: upsd, su

---

 debian/changelog                     |    6 ++++++
 rulefiles/linux/ignore.d.server/upsd |    2 ++
 rulefiles/linux/violations.d/su      |    4 ++--
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 8dc44a4..900f3f4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,12 @@ logcheck (1.2.69) unstable; urgency=low
   [ Gerfried Fuchs ]
   * Merge ssh rule change from violations.ignore.d/logcheck-ssh to
     ignore.d.server/ssh (closes: #500017)
+  * Rule changes pulled from 1.3 branch:
+    - ignore.d.server/upsd:
+      + ignore client connection messages (closes: #495923).
+    - violations.d/su:
+      + match both, user-root and user:root styles (closes: #491694).
+
 
  -- Gerfried Fuchs <rhonda at debian.at>  Wed, 24 Sep 2008 14:02:56 +0200
 
diff --git a/rulefiles/linux/ignore.d.server/upsd b/rulefiles/linux/ignore.d.server/upsd
new file mode 100644
index 0000000..0ba57f3
--- /dev/null
+++ b/rulefiles/linux/ignore.d.server/upsd
@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ upsd\[[0-9]+\]: Connection from [.[:digit:]]{7,15}$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ upsd\[[0-9]+\]: Client on [.[:digit:]]{7,15} logged out$
diff --git a/rulefiles/linux/violations.d/su b/rulefiles/linux/violations.d/su
index 2ec19a9..a8d5889 100644
--- a/rulefiles/linux/violations.d/su
+++ b/rulefiles/linux/violations.d/su
@@ -1,4 +1,4 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) .*$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: .*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ pts/[0-9]+ [[:alnum:]]+-root$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root-[[:alnum:]]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ pts/[0-9]+ [[:alnum:]]+[-:]root$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root[-:][[:alnum:]]+$

More information about the Logcheck-commits mailing list