aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/logcheck/Makefile8
-rw-r--r--security/logcheck/distinfo6
-rw-r--r--security/logcheck/files/extra-patch-etc__logcheck.conf.in7
-rw-r--r--security/logcheck/files/extra-patch-src__logcheck.in135
-rw-r--r--security/logcheck/pkg-plist65
5 files changed, 100 insertions, 121 deletions
diff --git a/security/logcheck/Makefile b/security/logcheck/Makefile
index eee1990549cf..e7444bd64236 100644
--- a/security/logcheck/Makefile
+++ b/security/logcheck/Makefile
@@ -6,8 +6,7 @@
#
PORTNAME= logcheck
-PORTVERSION= 1.2.69
-PORTREVISION= 2
+PORTVERSION= 1.3.10
CATEGORIES= security
MASTER_SITES= ${MASTER_SITE_DEBIAN_POOL}
DISTNAME= ${PORTNAME}_${PORTVERSION}
@@ -15,7 +14,8 @@ DISTNAME= ${PORTNAME}_${PORTVERSION}
MAINTAINER= glarkin@FreeBSD.org
COMMENT= Auditing tool for system logs on Unix boxes
-RUN_DEPENDS= lockfile:${PORTSDIR}/mail/procmail \
+RUN_DEPENDS= mime-construct:${PORTSDIR}/mail/mime-construct \
+ lockfile:${PORTSDIR}/mail/procmail \
bash:${PORTSDIR}/shells/bash
PORTSCOUT= limit:^1\.2\.
@@ -28,7 +28,7 @@ LOGCHECK_GID= ${LOGCHECK_UID}
# Enable Perl dependency for logtail script
USE_PERL5= 5.8.0+
-WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
+WRKSRC= ${WRKDIR}/${PORTNAME}
BINMODE= 755
SHAREMODE= 640
SUB_LIST+= LOGCHECK_USER=${LOGCHECK_USER} \
diff --git a/security/logcheck/distinfo b/security/logcheck/distinfo
index 2abf1f3a489d..5659b20c1b27 100644
--- a/security/logcheck/distinfo
+++ b/security/logcheck/distinfo
@@ -1,3 +1,3 @@
-MD5 (logcheck_1.2.69.tar.gz) = 7d1671e762d3b99fb1832e0c01edf9fe
-SHA256 (logcheck_1.2.69.tar.gz) = c1c8438f098d09554a857c68db09f4076b7a868818fb9e5d158a802127176ecf
-SIZE (logcheck_1.2.69.tar.gz) = 145023
+MD5 (logcheck_1.3.10.tar.gz) = 71b4cf145b94e6bf796d77de3589ae79
+SHA256 (logcheck_1.3.10.tar.gz) = b150f15c42b51266efeecd91195d5d3b55be684bea86f851022d0380c32dd2ba
+SIZE (logcheck_1.3.10.tar.gz) = 155708
diff --git a/security/logcheck/files/extra-patch-etc__logcheck.conf.in b/security/logcheck/files/extra-patch-etc__logcheck.conf.in
index 4223428582f8..c058a2d81f36 100644
--- a/security/logcheck/files/extra-patch-etc__logcheck.conf.in
+++ b/security/logcheck/files/extra-patch-etc__logcheck.conf.in
@@ -1,6 +1,6 @@
---- ./etc/logcheck.conf.orig 2006-10-29 02:55:02.000000000 -0500
-+++ ./etc/logcheck.conf 2008-09-06 19:11:28.000000000 -0400
-@@ -47,12 +47,7 @@
+--- etc/logcheck.conf.orig 2010-04-15 01:15:34.000000000 +0900
++++ etc/logcheck.conf 2010-05-12 14:22:13.000000000 +0900
+@@ -53,13 +53,7 @@
# Controls the base directory for rules file location
# This must be an absolute path
@@ -8,6 +8,7 @@
-
-# Controls if syslog-summary is run over each section.
-# Alternatively, set to "1" to enable extra summary.
+-# HINT: syslog-summary needs to be installed.
-
-#SYSLOGSUMMARY=0
+#RULEDIR="%%ETCDIR%%"
diff --git a/security/logcheck/files/extra-patch-src__logcheck.in b/security/logcheck/files/extra-patch-src__logcheck.in
index ab30dd748411..703b32566170 100644
--- a/security/logcheck/files/extra-patch-src__logcheck.in
+++ b/security/logcheck/files/extra-patch-src__logcheck.in
@@ -1,17 +1,17 @@
---- src/logcheck.orig 2007-01-16 01:13:27.000000000 -0500
-+++ src/logcheck 2009-12-17 19:33:34.000000000 -0500
+--- src/logcheck.orig 2010-07-07 15:59:57.000000000 -0400
++++ src/logcheck 2010-07-07 16:19:33.000000000 -0400
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!%%LOCALBASE%%/bin/bash
#
- # Copyright (C) 2004-2006 Debian Logcheck Team
+ # Copyright (C) 2004-2010 Debian Logcheck Team
# <logcheck-devel@alioth.lists.debian.org>
-@@ -26,17 +26,10 @@
+@@ -24,17 +24,10 @@
- if [ $UID == 0 ]; then
+ if [ `id -u` = 0 ]; then
echo "logcheck should not be run as root. Use su to invoke logcheck:"
- echo "su -s /bin/bash -c \"/usr/sbin/logcheck${@:+ $@}\" logcheck"
-+ echo "su -m logcheck -c \"%%LOCALBASE%%/bin/bash %%PREFIX%%/sbin/logcheck${@:+ $@}\""
++ echo "su -m %%LOGCHECK_USER%% -c \"%%LOCALBASE%%/bin/bash %%PREFIX%%/sbin/logcheck${@:+ $@}\""
echo "Or use sudo: sudo -u logcheck logcheck${@:+ $@}."
# you may want to uncomment that hack to let logcheck invoke itself.
- # su -s /bin/bash -c "$0 $*" logcheck
@@ -26,7 +26,16 @@
exit 1
fi
-@@ -68,12 +61,12 @@
+@@ -51,7 +44,7 @@
+
+ # Get the details for the email message
+ DATE="$(date +'%Y-%m-%d %H:%M')"
+-VERSION="1.3.7"
++VERSION="1.3.10"
+
+ # Set the default report level
+ REPORTLEVEL="server"
+@@ -69,12 +62,12 @@
ADDTAG="no"
# Set the default paths
@@ -45,7 +54,7 @@
CAT="/bin/cat"
SYSLOG_SUMMARY="/usr/bin/syslog-summary"
-@@ -87,26 +80,21 @@
+@@ -89,20 +82,15 @@
SORTUNIQ=0
SUPPORT_CRACKING_IGNORE=0
SYSLOGSUMMARY=0
@@ -58,44 +67,37 @@
- if [ -n "$LOCK" ]; then
- debug "cleanup: Killing lockfile-touch - $LOCK"
-- kill $LOCK && unset LOCK
+- kill "$LOCK" && unset LOCK
- fi
-
- if [ -f "$LOCKFILE.lock" ]; then
- debug "cleanup: Removing lockfile: $LOCKFILE.lock"
-- lockfile-remove $LOCKFILE
+- lockfile-remove "$LOCKFILE"
+ if [ -f "$LOCKFILE" ]; then
+ debug "cleanup: Removing lockfile: $LOCKFILE"
-+ rm -f $LOCKFILE
++ rm -f "$LOCKFILE"
fi
- if [ -d $TMPDIR ]; then
- # Remove the tmp directory
- if [ $NOCLEANUP -eq 0 ];then
-- cd /var/lib/logcheck
-+ cd /var/db/logcheck
- debug "cleanup: Removing - $TMPDIR"
- rm -r $TMPDIR
- else
-@@ -142,14 +130,9 @@
+ if [ -d "$TMPDIR" ]; then
+@@ -144,14 +132,9 @@
if [ "$2" = "noclean" ]; then
debug "error: Not removing lockfile"
else
- if [ -n "$LOCK" ]; then
- debug "error: Killing lockfile-touch - $LOCK"
-- kill $LOCK && unset LOCK
+- kill "$LOCK" && unset LOCK
- fi
-
- if [ -f "$LOCKFILE.lock" ]; then
- debug "error: Removing lockfile: $LOCKFILE.lock"
-- lockfile-remove $LOCKFILE
+- lockfile-remove "$LOCKFILE"
+ if [ -f "$LOCKFILE" ]; then
+ debug "error: Removing lockfile: $LOCKFILE"
-+ rm -f $LOCKFILE
++ rm -f "$LOCKFILE"
fi
-
+
fi
-@@ -168,7 +151,7 @@
+@@ -170,7 +153,7 @@
${TMPDIR:+Check temporary directory: $TMPDIR
}
Also verify that the logcheck user can read all files referenced in
@@ -104,78 +106,61 @@
$(export)
EOF
-@@ -185,8 +168,8 @@
-
- # Add an identification line at the beginning of the sent mail
- setintro() {
-- if [ -f /etc/logcheck/header.txt -a -r /etc/logcheck/header.txt ] ; then
-- $CAT /etc/logcheck/header.txt >> $TMPDIR/report \
-+ if [ -f %%ETCDIR%%/header.txt -a -r %%ETCDIR%%/header.txt ] ; then
-+ $CAT %%ETCDIR%%/header.txt >> $TMPDIR/report \
- || error "Could not append header to $TMPDIR/report."
- fi
- }
-@@ -194,8 +177,8 @@
-
- # Add a footer to the report.
- setfooter() {
-- if [ -f /etc/logcheck/footer.txt -a -r /etc/logcheck/footer.txt ] ; then
-- $CAT /etc/logcheck/footer.txt >> $TMPDIR/report \
-+ if [ -f %%ETCDIR%%/footer.txt -a -r %%ETCDIR%%/footer.txt ] ; then
-+ $CAT %%ETCDIR%%/footer.txt >> $TMPDIR/report \
- || error "Could not append footer to $TMPDIR/report."
- fi
- }
-@@ -212,8 +195,7 @@
- mkdir $cleaned \
+@@ -215,7 +198,7 @@
+ mkdir "$cleaned" \
|| error "Could not make dir $cleaned for cleaned rulefiles."
fi
-- for rulefile in $(run-parts --list $dir); do
-- rulefile=$(basename $rulefile)
-+ for rulefile in $(ls -1R $dir); do
- if [ -f ${dir}/${rulefile} ]; then
+- for rulefile in $(run-parts --list "$dir"); do
++ for rulefile in $(ls -1R "$dir"); do
+ rulefile="$(basename "$rulefile")"
+ if [ -f "${dir}/${rulefile}" ]; then
debug "cleanrules: ${dir}/${rulefile}"
- if [ -r ${dir}/${rulefile} ]; then
-@@ -544,9 +526,9 @@
+@@ -529,9 +512,9 @@
# Hostname either fully qualified or not.
- if [ $FQDN -eq 1 ]; then
-- HOSTNAME="$(hostname --fqdn)" > /dev/null 2>&1
-+ HOSTNAME="$(hostname -f)" > /dev/null 2>&1
+ if [ "$FQDN" -eq 1 ]; then
+- HOSTNAME="$(hostname --fqdn 2>/dev/null)"
++ HOSTNAME="$(hostname -f 2>/dev/null)"
else
-- HOSTNAME="$(hostname --short)" > /dev/null 2>&1
-+ HOSTNAME="$(hostname -s)" > /dev/null 2>&1
+- HOSTNAME="$(hostname --short 2>/dev/null)"
++ HOSTNAME="$(hostname -s 2>/dev/null)"
fi
-
+
# Now check for the other options
-@@ -625,25 +607,21 @@
+@@ -610,30 +593,25 @@
trap 'cleanup' 0
-debug "Trying to get lockfile: $LOCKFILE.lock"
+debug "Trying to get lockfile: $LOCKFILE"
- if [ ! -d $LOCKDIR ]; then
- mkdir -m 0755 $LOCKDIR
+ if [ ! -d "$LOCKDIR" ]; then
+ mkdir -m 0755 "$LOCKDIR"
fi
--lockfile-create --retry 1 $LOCKFILE > /dev/null 2>&1
-+lockfile -r 1 $LOCKFILE > /dev/null 2>&1
+-lockfile-create --retry 1 "$LOCKFILE" > /dev/null 2>&1
++lockfile -r 1 "$LOCKFILE" > /dev/null 2>&1
- if [ $? -eq 1 ]; then
+ if [ $? -eq 1 ]; then
trap 0
-- error "Failed to get lockfile: $LOCKFILE.lock" "noclean"
--else
+- if [ -e "${LOCKFILE}.lock" ]; then
++ if [ -e "${LOCKFILE}" ]; then
+ error "Another logcheck process is still running" "noclean"
+ else
+- error "Failed to get lockfile: $LOCKFILE.lock" "noclean"
++ error "Failed to get lockfile: $LOCKFILE" "noclean"
+ fi
+-
+-else
- debug "Running lockfile-touch $LOCKFILE.lock"
-- lockfile-touch $LOCKFILE &
+- lockfile-touch "$LOCKFILE" &
- LOCK="$!"
-+ error "Failed to get lockfile: $LOCKFILE" "noclean"
fi
# Create the secure temporary directory or exit
--TMPDIR=$(mktemp -d -p ${TMP:-/tmp} logcheck.XXXXXX) \
-- || TMPDIR=$(mktemp -d -p /var/tmp logcheck.XXXXXX) \
-+TMPDIR=$(mktemp -d /tmp/logcheck.XXXXXX) \
-+ || TMPDIR=$(mktemp -d /var/tmp/logcheck.XXXXXX) \
+-TMPDIR="$(mktemp -d -p "${TMP:-/tmp}" logcheck.XXXXXX)" \
+- || TMPDIR="$(mktemp -d -p /var/tmp logcheck.XXXXXX)" \
++TMPDIR="$(mktemp -d ${TMP:-/tmp}/logcheck.XXXXXX)" \
++ || TMPDIR="$(mktemp -d /var/tmp/logcheck.XXXXXX)" \
|| error "Could not create temporary directory"
# Now clean the rulefiles in the directories
diff --git a/security/logcheck/pkg-plist b/security/logcheck/pkg-plist
index 3cb038ad7a6c..dcd0793cfce4 100644
--- a/security/logcheck/pkg-plist
+++ b/security/logcheck/pkg-plist
@@ -1,11 +1,16 @@
-%%ETCDIR%%/cracking.d/logcheck
+%%ETCDIR%%/cracking.d/kernel
+%%ETCDIR%%/cracking.d/rlogind
+%%ETCDIR%%/cracking.d/rsh
%%ETCDIR%%/cracking.d/smartd
+%%ETCDIR%%/cracking.d/tftpd
+%%ETCDIR%%/cracking.d/uucico
%%ETCDIR%%/ignore.d.paranoid/bind
%%ETCDIR%%/ignore.d.paranoid/cron
%%ETCDIR%%/ignore.d.paranoid/incron
%%ETCDIR%%/ignore.d.paranoid/logcheck
%%ETCDIR%%/ignore.d.paranoid/postfix
%%ETCDIR%%/ignore.d.paranoid/ppp
+%%ETCDIR%%/ignore.d.paranoid/pureftp
%%ETCDIR%%/ignore.d.paranoid/qpopper
%%ETCDIR%%/ignore.d.paranoid/squid
%%ETCDIR%%/ignore.d.paranoid/ssh
@@ -13,12 +18,15 @@
%%ETCDIR%%/ignore.d.paranoid/sysklogd
%%ETCDIR%%/ignore.d.paranoid/telnetd
%%ETCDIR%%/ignore.d.paranoid/tripwire
+%%ETCDIR%%/ignore.d.paranoid/usb
%%ETCDIR%%/ignore.d.server/acpid
%%ETCDIR%%/ignore.d.server/amandad
%%ETCDIR%%/ignore.d.server/anacron
%%ETCDIR%%/ignore.d.server/anon-proxy
%%ETCDIR%%/ignore.d.server/apache
+%%ETCDIR%%/ignore.d.server/apcupsd
%%ETCDIR%%/ignore.d.server/arpwatch
+%%ETCDIR%%/ignore.d.server/asterisk
%%ETCDIR%%/ignore.d.server/automount
%%ETCDIR%%/ignore.d.server/bind
%%ETCDIR%%/ignore.d.server/bluez-utils
@@ -44,7 +52,9 @@
%%ETCDIR%%/ignore.d.server/dspam
%%ETCDIR%%/ignore.d.server/epmd
%%ETCDIR%%/ignore.d.server/exim4
+%%ETCDIR%%/ignore.d.server/fcron
%%ETCDIR%%/ignore.d.server/ftpd
+%%ETCDIR%%/ignore.d.server/git-daemon
%%ETCDIR%%/ignore.d.server/gnu-imap4d
%%ETCDIR%%/ignore.d.server/gps
%%ETCDIR%%/ignore.d.server/grinch
@@ -62,22 +72,25 @@
%%ETCDIR%%/ignore.d.server/isdnutils
%%ETCDIR%%/ignore.d.server/jabberd
%%ETCDIR%%/ignore.d.server/kernel
+%%ETCDIR%%/ignore.d.server/klogind
%%ETCDIR%%/ignore.d.server/krb5-kdc
%%ETCDIR%%/ignore.d.server/libpam-mount
%%ETCDIR%%/ignore.d.server/logcheck
-%%ETCDIR%%/ignore.d.server/lpr
+%%ETCDIR%%/ignore.d.server/login
%%ETCDIR%%/ignore.d.server/maradns
%%ETCDIR%%/ignore.d.server/mldonkey-server
%%ETCDIR%%/ignore.d.server/mon
+%%ETCDIR%%/ignore.d.server/mountd
%%ETCDIR%%/ignore.d.server/nagios
%%ETCDIR%%/ignore.d.server/netconsole
%%ETCDIR%%/ignore.d.server/nfs
%%ETCDIR%%/ignore.d.server/nntpcache
%%ETCDIR%%/ignore.d.server/nscd
-%%ETCDIR%%/ignore.d.server/ntp
-%%ETCDIR%%/ignore.d.server/oidentd
+%%ETCDIR%%/ignore.d.server/nslcd
+@comment %%ETCDIR%%/ignore.d.server/ntop
%%ETCDIR%%/ignore.d.server/openvpn
%%ETCDIR%%/ignore.d.server/otrs
+%%ETCDIR%%/ignore.d.server/passwd
%%ETCDIR%%/ignore.d.server/pdns
%%ETCDIR%%/ignore.d.server/perdition
%%ETCDIR%%/ignore.d.server/policyd
@@ -90,6 +103,7 @@
%%ETCDIR%%/ignore.d.server/proftpd
%%ETCDIR%%/ignore.d.server/puppetd
%%ETCDIR%%/ignore.d.server/pure-ftpd
+%%ETCDIR%%/ignore.d.server/pureftp
%%ETCDIR%%/ignore.d.server/qpopper
%%ETCDIR%%/ignore.d.server/rbldnsd
%%ETCDIR%%/ignore.d.server/rpc_statd
@@ -113,6 +127,8 @@
%%ETCDIR%%/ignore.d.server/squid
%%ETCDIR%%/ignore.d.server/ssh
%%ETCDIR%%/ignore.d.server/stunnel
+%%ETCDIR%%/ignore.d.server/su
+%%ETCDIR%%/ignore.d.server/sudo
%%ETCDIR%%/ignore.d.server/sympa
%%ETCDIR%%/ignore.d.server/syslogd
%%ETCDIR%%/ignore.d.server/teapop
@@ -130,9 +146,10 @@
%%ETCDIR%%/ignore.d.server/xinetd
%%ETCDIR%%/ignore.d.workstation/automount
%%ETCDIR%%/ignore.d.workstation/bind
-%%ETCDIR%%/ignore.d.workstation/bluez-utils
%%ETCDIR%%/ignore.d.workstation/bluetooth-alsa
+%%ETCDIR%%/ignore.d.workstation/bluez-utils
%%ETCDIR%%/ignore.d.workstation/bonobo
+%%ETCDIR%%/ignore.d.workstation/dhcpcd
%%ETCDIR%%/ignore.d.workstation/francine
%%ETCDIR%%/ignore.d.workstation/gconf
%%ETCDIR%%/ignore.d.workstation/gdm
@@ -142,7 +159,10 @@
%%ETCDIR%%/ignore.d.workstation/ippl
%%ETCDIR%%/ignore.d.workstation/kdm
%%ETCDIR%%/ignore.d.workstation/kernel
+%%ETCDIR%%/ignore.d.workstation/laptop-mode-tools
+%%ETCDIR%%/ignore.d.workstation/libpam-gnome-keyring
%%ETCDIR%%/ignore.d.workstation/logcheck
+%%ETCDIR%%/ignore.d.workstation/login
%%ETCDIR%%/ignore.d.workstation/net-acct
%%ETCDIR%%/ignore.d.workstation/nntpcache
%%ETCDIR%%/ignore.d.workstation/polypaudio
@@ -155,46 +175,19 @@
%%ETCDIR%%/ignore.d.workstation/udev
%%ETCDIR%%/ignore.d.workstation/wdm
%%ETCDIR%%/ignore.d.workstation/winbind
+%%ETCDIR%%/ignore.d.workstation/wpasupplicant
%%ETCDIR%%/ignore.d.workstation/xdm
%%ETCDIR%%/ignore.d.workstation/xlockmore
-%%ETCDIR%%/logcheck.conf.sample
-%%ETCDIR%%/logcheck.logfiles.sample
+%%ETCDIR%%/ignore.d.workstation/xscreensaver
%%ETCDIR%%/violations.d/kernel
%%ETCDIR%%/violations.d/logcheck
%%ETCDIR%%/violations.d/smartd
%%ETCDIR%%/violations.d/su
%%ETCDIR%%/violations.d/sudo
-%%ETCDIR%%/violations.ignore.d/logcheck-bind
-%%ETCDIR%%/violations.ignore.d/logcheck-bluez-utils
-%%ETCDIR%%/violations.ignore.d/logcheck-courier
-%%ETCDIR%%/violations.ignore.d/logcheck-cron-apt
-%%ETCDIR%%/violations.ignore.d/logcheck-cyrus
-%%ETCDIR%%/violations.ignore.d/logcheck-dcc
-%%ETCDIR%%/violations.ignore.d/logcheck-dovecot
-%%ETCDIR%%/violations.ignore.d/logcheck-hylafax
-%%ETCDIR%%/violations.ignore.d/logcheck-innd
-%%ETCDIR%%/violations.ignore.d/logcheck-kernel
-%%ETCDIR%%/violations.ignore.d/logcheck-login
-%%ETCDIR%%/violations.ignore.d/logcheck-mon
-%%ETCDIR%%/violations.ignore.d/logcheck-nagios
-%%ETCDIR%%/violations.ignore.d/logcheck-openvpn
-%%ETCDIR%%/violations.ignore.d/logcheck-passwd
-%%ETCDIR%%/violations.ignore.d/logcheck-pdns
-%%ETCDIR%%/violations.ignore.d/logcheck-postfix
-%%ETCDIR%%/violations.ignore.d/logcheck-proftpd
-%%ETCDIR%%/violations.ignore.d/logcheck-pureftp
-%%ETCDIR%%/violations.ignore.d/logcheck-samba
-%%ETCDIR%%/violations.ignore.d/logcheck-sasl2-bin
-%%ETCDIR%%/violations.ignore.d/logcheck-saslauthd
-%%ETCDIR%%/violations.ignore.d/logcheck-sendmail_tmp
-%%ETCDIR%%/violations.ignore.d/logcheck-smartd
-%%ETCDIR%%/violations.ignore.d/logcheck-spamd
-%%ETCDIR%%/violations.ignore.d/logcheck-squid
-%%ETCDIR%%/violations.ignore.d/logcheck-ssh
%%ETCDIR%%/violations.ignore.d/logcheck-su
%%ETCDIR%%/violations.ignore.d/logcheck-sudo
-%%ETCDIR%%/violations.ignore.d/logcheck-usb
-%%ETCDIR%%/violations.ignore.d/logcheck-winbind
+%%ETCDIR%%/logcheck.conf.sample
+%%ETCDIR%%/logcheck.logfiles.sample
%%DATADIR%%/detectrotate/10-savelog.dtr
%%DATADIR%%/detectrotate/20-logrotate.dtr
%%DATADIR%%/detectrotate/30-logrotate-dateext.dtr