[Logcheck-commits] [logcheck] 01/01: i.d.s/su: allow '.' and '_' in username

[Hannes von Haugwitz]

This is an automated email from the git hooks/post-receive script.

hvhaugwitz pushed a commit to branch master
in repository logcheck.

commit 82f71d5b2c3a09f61833856172defcc680ea1a08
Author: Hannes von Haugwitz <hannes at vonhaugwitz.com>
Date:   Sat Jan 14 09:41:16 2017 +0100

    i.d.s/su: allow '.' and '_' in username
    
    closes: #780441
---
 debian/changelog                   |  2 ++
 rulefiles/linux/ignore.d.server/su | 14 +++++++-------
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 4f0a9b6..ad2d305 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,8 @@ logcheck (1.3.18) UNRELEASED; urgency=medium
     - rewrite rules (LP: #1357880, closes: #809605)
   * ignore.d.server/ssh:
     - add generic preauth disconnect rule (closes: #775090)
+  * ignore.d.server/su:
+    - allow '.' and '_' in username (closes: #780441)
 
  -- Hannes von Haugwitz <hannes at vonhaugwitz.com>  Wed, 16 Dec 2015 06:02:39 +0100
 
diff --git a/rulefiles/linux/ignore.d.server/su b/rulefiles/linux/ignore.d.server/su
index e054f38..645735c 100644
--- a/rulefiles/linux/ignore.d.server/su
+++ b/rulefiles/linux/ignore.d.server/su
@@ -1,8 +1,8 @@
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: (\+|-) (/dev/)?(pts/[0-9]{1,2}|tty[0-9]) [_[:alnum:]-]+:[_[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: Successful su for [[:alnum:]-]+ by [[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session closed for user [[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session opened for user [[:alnum:]-]+ by ([[:alnum:]-]+)?\(uid=[0-9]+\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root:[_[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: pam_[[:alnum:]]+\(su:session\): session closed for user [[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: pam_[[:alnum:]]+\(su:session\): session opened for user [[:alnum:]-]+ by ([[:alnum:]-]+)?\(uid=[0-9]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: (\+|-) (/dev/)?(pts/[0-9]{1,2}|tty[0-9]) [._[:alnum:]-]+:[._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: Successful su for [._[:alnum:]-]+ by [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session closed for user [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session opened for user [._[:alnum:]-]+ by ([._[:alnum:]-]+)?\(uid=[0-9]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root:[._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: pam_[[:alnum:]]+\(su:session\): session closed for user [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: pam_[[:alnum:]]+\(su:session\): session opened for user [._[:alnum:]-]+ by ([._[:alnum:]-]+)?\(uid=[0-9]+\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: pam_authenticate: Authentication failure$

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/logcheck/logcheck.git