Diffstat (limited to 'security')
-rw-r--r-- | security/logcheck/Makefile | 8 | ||||
-rw-r--r-- | security/logcheck/distinfo | 6 | ||||
-rw-r--r-- | security/logcheck/files/extra-patch-etc__logcheck.conf.in | 7 | ||||
-rw-r--r-- | security/logcheck/files/extra-patch-src__logcheck.in | 135 | ||||
-rw-r--r-- | security/logcheck/pkg-plist | 65 |
5 files changed, 100 insertions, 121 deletions
diff --git a/security/logcheck/Makefile b/security/logcheck/Makefile index eee1990549cf..e7444bd64236 100644 --- a/security/logcheck/Makefile +++ b/security/logcheck/Makefile @@ -6,8 +6,7 @@ # PORTNAME= logcheck -PORTVERSION= 1.2.69 -PORTREVISION= 2 +PORTVERSION= 1.3.10 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_DEBIAN_POOL} DISTNAME= ${PORTNAME}_${PORTVERSION} @@ -15,7 +14,8 @@ DISTNAME= ${PORTNAME}_${PORTVERSION} MAINTAINER= glarkin@FreeBSD.org COMMENT= Auditing tool for system logs on Unix boxes -RUN_DEPENDS= lockfile:${PORTSDIR}/mail/procmail \ +RUN_DEPENDS= mime-construct:${PORTSDIR}/mail/mime-construct \ + lockfile:${PORTSDIR}/mail/procmail \ bash:${PORTSDIR}/shells/bash PORTSCOUT= limit:^1\.2\. @@ -28,7 +28,7 @@ LOGCHECK_GID= ${LOGCHECK_UID} # Enable Perl dependency for logtail script USE_PERL5= 5.8.0+ -WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} +WRKSRC= ${WRKDIR}/${PORTNAME} BINMODE= 755 SHAREMODE= 640 SUB_LIST+= LOGCHECK_USER=${LOGCHECK_USER} \ diff --git a/security/logcheck/distinfo b/security/logcheck/distinfo index 2abf1f3a489d..5659b20c1b27 100644 --- a/security/logcheck/distinfo +++ b/security/logcheck/distinfo @@ -1,3 +1,3 @@ -MD5 (logcheck_1.2.69.tar.gz) = 7d1671e762d3b99fb1832e0c01edf9fe -SHA256 (logcheck_1.2.69.tar.gz) = c1c8438f098d09554a857c68db09f4076b7a868818fb9e5d158a802127176ecf -SIZE (logcheck_1.2.69.tar.gz) = 145023 +MD5 (logcheck_1.3.10.tar.gz) = 71b4cf145b94e6bf796d77de3589ae79 +SHA256 (logcheck_1.3.10.tar.gz) = b150f15c42b51266efeecd91195d5d3b55be684bea86f851022d0380c32dd2ba +SIZE (logcheck_1.3.10.tar.gz) = 155708 diff --git a/security/logcheck/files/extra-patch-etc__logcheck.conf.in b/security/logcheck/files/extra-patch-etc__logcheck.conf.in index 4223428582f8..c058a2d81f36 100644 --- a/security/logcheck/files/extra-patch-etc__logcheck.conf.in +++ b/security/logcheck/files/extra-patch-etc__logcheck.conf.in 
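Review bot: `PORTSCOUT= limit:^1\.2\.` stays as a context line in the second Makefile hunk while PORTVERSION moves to 1.3.10, so the update checker remains pinned to the 1.2.x series and would not report newer 1.3.x releases of this log-auditing tool. Either drop the limit or move it with the bump, e.g. `PORTSCOUT= limit:^1\.3\.`. The new `mime-construct` entry in RUN_DEPENDS would also benefit from a one-line comment naming the logcheck feature that needs it (presumably the report mail, which is not visible in this hunk).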
@@ -1,6 +1,6 @@ ---- ./etc/logcheck.conf.orig 2006-10-29 02:55:02.000000000 -0500 -+++ ./etc/logcheck.conf 2008-09-06 19:11:28.000000000 -0400 -@@ -47,12 +47,7 @@ +--- etc/logcheck.conf.orig 2010-04-15 01:15:34.000000000 +0900 ++++ etc/logcheck.conf 2010-05-12 14:22:13.000000000 +0900 +@@ -53,13 +53,7 @@ # Controls the base directory for rules file location # This must be an absolute path @@ -8,6 +8,7 @@ - -# Controls if syslog-summary is run over each section. -# Alternatively, set to "1" to enable extra summary. +-# HINT: syslog-summary needs to be installed. - -#SYSLOGSUMMARY=0 +#RULEDIR="%%ETCDIR%%" diff --git a/security/logcheck/files/extra-patch-src__logcheck.in b/security/logcheck/files/extra-patch-src__logcheck.in index ab30dd748411..703b32566170 100644 --- a/security/logcheck/files/extra-patch-src__logcheck.in +++ b/security/logcheck/files/extra-patch-src__logcheck.in @@ -1,17 +1,17 @@ ---- src/logcheck.orig 2007-01-16 01:13:27.000000000 -0500 -+++ src/logcheck 2009-12-17 19:33:34.000000000 -0500 +--- src/logcheck.orig 2010-07-07 15:59:57.000000000 -0400 ++++ src/logcheck 2010-07-07 16:19:33.000000000 -0400 @@ -1,4 +1,4 @@ -#!/bin/bash +#!%%LOCALBASE%%/bin/bash # - # Copyright (C) 2004-2006 Debian Logcheck Team + # Copyright (C) 2004-2010 Debian Logcheck Team # <logcheck-devel@alioth.lists.debian.org> -@@ -26,17 +26,10 @@ +@@ -24,17 +24,10 @@ - if [ $UID == 0 ]; then + if [ `id -u` = 0 ]; then echo "logcheck should not be run as root. Use su to invoke logcheck:" - echo "su -s /bin/bash -c \"/usr/sbin/logcheck${@:+ $@}\" logcheck" -+ echo "su -m logcheck -c \"%%LOCALBASE%%/bin/bash %%PREFIX%%/sbin/logcheck${@:+ $@}\"" ++ echo "su -m %%LOGCHECK_USER%% -c \"%%LOCALBASE%%/bin/bash %%PREFIX%%/sbin/logcheck${@:+ $@}\"" echo "Or use sudo: sudo -u logcheck logcheck${@:+ $@}." # you may want to uncomment that hack to let logcheck invoke itself. - # su -s /bin/bash -c "$0 $*" logcheck 
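Review bot: The `su` hint now substitutes `%%LOGCHECK_USER%%`, but the echo right after it still hard-codes the account: `sudo -u logcheck logcheck${@:+ $@}`. On an install where LOGCHECK_USER is overridden, that hint names a user that may not exist and relies on PATH to find the script. Suggest `echo "Or use sudo: sudo -u %%LOGCHECK_USER%% %%PREFIX%%/sbin/logcheck${@:+ $@}."`. The root-check block is closed outside this hunk.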
@@ -26,7 +26,16 @@ exit 1 fi -@@ -68,12 +61,12 @@ +@@ -51,7 +44,7 @@ + + # Get the details for the email message + DATE="$(date +'%Y-%m-%d %H:%M')" +-VERSION="1.3.7" ++VERSION="1.3.10" + + # Set the default report level + REPORTLEVEL="server" +@@ -69,12 +62,12 @@ ADDTAG="no" # Set the default paths @@ -45,7 +54,7 @@ CAT="/bin/cat" SYSLOG_SUMMARY="/usr/bin/syslog-summary" -@@ -87,26 +80,21 @@ +@@ -89,20 +82,15 @@ SORTUNIQ=0 SUPPORT_CRACKING_IGNORE=0 SYSLOGSUMMARY=0 @@ -58,44 +67,37 @@ - if [ -n "$LOCK" ]; then - debug "cleanup: Killing lockfile-touch - $LOCK" -- kill $LOCK && unset LOCK +- kill "$LOCK" && unset LOCK - fi - - if [ -f "$LOCKFILE.lock" ]; then - debug "cleanup: Removing lockfile: $LOCKFILE.lock" -- lockfile-remove $LOCKFILE +- lockfile-remove "$LOCKFILE" + if [ -f "$LOCKFILE" ]; then + debug "cleanup: Removing lockfile: $LOCKFILE" -+ rm -f $LOCKFILE ++ rm -f "$LOCKFILE" fi - if [ -d $TMPDIR ]; then - # Remove the tmp directory - if [ $NOCLEANUP -eq 0 ];then -- cd /var/lib/logcheck -+ cd /var/db/logcheck - debug "cleanup: Removing - $TMPDIR" - rm -r $TMPDIR - else -@@ -142,14 +130,9 @@ + if [ -d "$TMPDIR" ]; then +@@ -144,14 +132,9 @@ if [ "$2" = "noclean" ]; then debug "error: Not removing lockfile" else - if [ -n "$LOCK" ]; then - debug "error: Killing lockfile-touch - $LOCK" -- kill $LOCK && unset LOCK +- kill "$LOCK" && unset LOCK - fi - - if [ -f "$LOCKFILE.lock" ]; then - debug "error: Removing lockfile: $LOCKFILE.lock" -- lockfile-remove $LOCKFILE +- lockfile-remove "$LOCKFILE" + if [ -f "$LOCKFILE" ]; then + debug "error: Removing lockfile: $LOCKFILE" -+ rm -f $LOCKFILE ++ rm -f "$LOCKFILE" fi - + fi -@@ -168,7 +151,7 @@ +@@ -170,7 +153,7 @@ ${TMPDIR:+Check temporary directory: $TMPDIR } Also verify that the logcheck user can read all files referenced in 
@@ -104,78 +106,61 @@ $(export) EOF -@@ -185,8 +168,8 @@ - - # Add an identification line at the beginning of the sent mail - setintro() { -- if [ -f /etc/logcheck/header.txt -a -r /etc/logcheck/header.txt ] ; then -- $CAT /etc/logcheck/header.txt >> $TMPDIR/report \ -+ if [ -f %%ETCDIR%%/header.txt -a -r %%ETCDIR%%/header.txt ] ; then -+ $CAT %%ETCDIR%%/header.txt >> $TMPDIR/report \ - || error "Could not append header to $TMPDIR/report." - fi - } -@@ -194,8 +177,8 @@ - - # Add a footer to the report. - setfooter() { -- if [ -f /etc/logcheck/footer.txt -a -r /etc/logcheck/footer.txt ] ; then -- $CAT /etc/logcheck/footer.txt >> $TMPDIR/report \ -+ if [ -f %%ETCDIR%%/footer.txt -a -r %%ETCDIR%%/footer.txt ] ; then -+ $CAT %%ETCDIR%%/footer.txt >> $TMPDIR/report \ - || error "Could not append footer to $TMPDIR/report." - fi - } -@@ -212,8 +195,7 @@ - mkdir $cleaned \ +@@ -215,7 +198,7 @@ + mkdir "$cleaned" \ || error "Could not make dir $cleaned for cleaned rulefiles." fi -- for rulefile in $(run-parts --list $dir); do -- rulefile=$(basename $rulefile) -+ for rulefile in $(ls -1R $dir); do - if [ -f ${dir}/${rulefile} ]; then +- for rulefile in $(run-parts --list "$dir"); do ++ for rulefile in $(ls -1R "$dir"); do + rulefile="$(basename "$rulefile")" + if [ -f "${dir}/${rulefile}" ]; then debug "cleanrules: ${dir}/${rulefile}" - if [ -r ${dir}/${rulefile} ]; then -@@ -544,9 +526,9 @@ +@@ -529,9 +512,9 @@ # Hostname either fully qualified or not. 
- if [ $FQDN -eq 1 ]; then -- HOSTNAME="$(hostname --fqdn)" > /dev/null 2>&1 -+ HOSTNAME="$(hostname -f)" > /dev/null 2>&1 + if [ "$FQDN" -eq 1 ]; then +- HOSTNAME="$(hostname --fqdn 2>/dev/null)" ++ HOSTNAME="$(hostname -f 2>/dev/null)" else -- HOSTNAME="$(hostname --short)" > /dev/null 2>&1 -+ HOSTNAME="$(hostname -s)" > /dev/null 2>&1 +- HOSTNAME="$(hostname --short 2>/dev/null)" ++ HOSTNAME="$(hostname -s 2>/dev/null)" fi - + # Now check for the other options -@@ -625,25 +607,21 @@ +@@ -610,30 +593,25 @@ trap 'cleanup' 0 -debug "Trying to get lockfile: $LOCKFILE.lock" +debug "Trying to get lockfile: $LOCKFILE" - if [ ! -d $LOCKDIR ]; then - mkdir -m 0755 $LOCKDIR + if [ ! -d "$LOCKDIR" ]; then + mkdir -m 0755 "$LOCKDIR" fi --lockfile-create --retry 1 $LOCKFILE > /dev/null 2>&1 -+lockfile -r 1 $LOCKFILE > /dev/null 2>&1 +-lockfile-create --retry 1 "$LOCKFILE" > /dev/null 2>&1 ++lockfile -r 1 "$LOCKFILE" > /dev/null 2>&1 - if [ $? -eq 1 ]; then + if [ $? -eq 1 ]; then trap 0 -- error "Failed to get lockfile: $LOCKFILE.lock" "noclean" --else +- if [ -e "${LOCKFILE}.lock" ]; then ++ if [ -e "${LOCKFILE}" ]; then + error "Another logcheck process is still running" "noclean" + else +- error "Failed to get lockfile: $LOCKFILE.lock" "noclean" ++ error "Failed to get lockfile: $LOCKFILE" "noclean" + fi +- +-else - debug "Running lockfile-touch $LOCKFILE.lock" -- lockfile-touch $LOCKFILE & +- lockfile-touch "$LOCKFILE" & - LOCK="$!" 
-+ error "Failed to get lockfile: $LOCKFILE" "noclean" fi # Create the secure temporary directory or exit --TMPDIR=$(mktemp -d -p ${TMP:-/tmp} logcheck.XXXXXX) \ -- || TMPDIR=$(mktemp -d -p /var/tmp logcheck.XXXXXX) \ -+TMPDIR=$(mktemp -d /tmp/logcheck.XXXXXX) \ -+ || TMPDIR=$(mktemp -d /var/tmp/logcheck.XXXXXX) \ +-TMPDIR="$(mktemp -d -p "${TMP:-/tmp}" logcheck.XXXXXX)" \ +- || TMPDIR="$(mktemp -d -p /var/tmp logcheck.XXXXXX)" \ ++TMPDIR="$(mktemp -d ${TMP:-/tmp}/logcheck.XXXXXX)" \ ++ || TMPDIR="$(mktemp -d /var/tmp/logcheck.XXXXXX)" \ || error "Could not create temporary directory" # Now clean the rulefiles in the directories diff --git a/security/logcheck/pkg-plist b/security/logcheck/pkg-plist index 3cb038ad7a6c..dcd0793cfce4 100644 --- a/security/logcheck/pkg-plist +++ b/security/logcheck/pkg-plist @@ -1,11 +1,16 @@ -%%ETCDIR%%/cracking.d/logcheck +%%ETCDIR%%/cracking.d/kernel +%%ETCDIR%%/cracking.d/rlogind +%%ETCDIR%%/cracking.d/rsh %%ETCDIR%%/cracking.d/smartd +%%ETCDIR%%/cracking.d/tftpd +%%ETCDIR%%/cracking.d/uucico %%ETCDIR%%/ignore.d.paranoid/bind %%ETCDIR%%/ignore.d.paranoid/cron %%ETCDIR%%/ignore.d.paranoid/incron %%ETCDIR%%/ignore.d.paranoid/logcheck %%ETCDIR%%/ignore.d.paranoid/postfix %%ETCDIR%%/ignore.d.paranoid/ppp +%%ETCDIR%%/ignore.d.paranoid/pureftp %%ETCDIR%%/ignore.d.paranoid/qpopper %%ETCDIR%%/ignore.d.paranoid/squid %%ETCDIR%%/ignore.d.paranoid/ssh @@ -13,12 +18,15 @@ %%ETCDIR%%/ignore.d.paranoid/sysklogd %%ETCDIR%%/ignore.d.paranoid/telnetd %%ETCDIR%%/ignore.d.paranoid/tripwire +%%ETCDIR%%/ignore.d.paranoid/usb %%ETCDIR%%/ignore.d.server/acpid %%ETCDIR%%/ignore.d.server/amandad %%ETCDIR%%/ignore.d.server/anacron %%ETCDIR%%/ignore.d.server/anon-proxy %%ETCDIR%%/ignore.d.server/apache +%%ETCDIR%%/ignore.d.server/apcupsd %%ETCDIR%%/ignore.d.server/arpwatch +%%ETCDIR%%/ignore.d.server/asterisk %%ETCDIR%%/ignore.d.server/automount %%ETCDIR%%/ignore.d.server/bind %%ETCDIR%%/ignore.d.server/bluez-utils 
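Review bot: The lock test `if [ $? -eq 1 ]; then` after `lockfile -r 1 "$LOCKFILE"` treats only exit status 1 as failure; procmail's lockfile, as far as I know, reports failure with sysexits-style codes rather than 1, in which case a second logcheck run would carry on without the lock and its `cleanup` trap would later `rm -f` the first run's lockfile. Testing the command directly is safer: `if ! lockfile -r 1 "$LOCKFILE" > /dev/null 2>&1; then`. Separately, `for rulefile in $(ls -1R "$dir")` drops the name filtering that `run-parts --list` applied, so editor backups or `.orig` leftovers in the ignore.d.* directories would be loaded as live ignore rules and could silently suppress log lines from the report; iterating over `"$dir"/*` with an explicit name check would avoid that. Both blocks start and end outside this hunk.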
@@ -44,7 +52,9 @@
 %%ETCDIR%%/ignore.d.server/dspam
 %%ETCDIR%%/ignore.d.server/epmd
 %%ETCDIR%%/ignore.d.server/exim4
+%%ETCDIR%%/ignore.d.server/fcron
 %%ETCDIR%%/ignore.d.server/ftpd
+%%ETCDIR%%/ignore.d.server/git-daemon
 %%ETCDIR%%/ignore.d.server/gnu-imap4d
 %%ETCDIR%%/ignore.d.server/gps
 %%ETCDIR%%/ignore.d.server/grinch
@@ -62,22 +72,25 @@
 %%ETCDIR%%/ignore.d.server/isdnutils
 %%ETCDIR%%/ignore.d.server/jabberd
 %%ETCDIR%%/ignore.d.server/kernel
+%%ETCDIR%%/ignore.d.server/klogind
 %%ETCDIR%%/ignore.d.server/krb5-kdc
 %%ETCDIR%%/ignore.d.server/libpam-mount
 %%ETCDIR%%/ignore.d.server/logcheck
-%%ETCDIR%%/ignore.d.server/lpr
+%%ETCDIR%%/ignore.d.server/login
 %%ETCDIR%%/ignore.d.server/maradns
 %%ETCDIR%%/ignore.d.server/mldonkey-server
 %%ETCDIR%%/ignore.d.server/mon
+%%ETCDIR%%/ignore.d.server/mountd
 %%ETCDIR%%/ignore.d.server/nagios
 %%ETCDIR%%/ignore.d.server/netconsole
 %%ETCDIR%%/ignore.d.server/nfs
 %%ETCDIR%%/ignore.d.server/nntpcache
 %%ETCDIR%%/ignore.d.server/nscd
-%%ETCDIR%%/ignore.d.server/ntp
-%%ETCDIR%%/ignore.d.server/oidentd
+%%ETCDIR%%/ignore.d.server/nslcd
+@comment %%ETCDIR%%/ignore.d.server/ntop
 %%ETCDIR%%/ignore.d.server/openvpn
 %%ETCDIR%%/ignore.d.server/otrs
+%%ETCDIR%%/ignore.d.server/passwd
 %%ETCDIR%%/ignore.d.server/pdns
 %%ETCDIR%%/ignore.d.server/perdition
 %%ETCDIR%%/ignore.d.server/policyd
@@ -90,6 +103,7 @@
 %%ETCDIR%%/ignore.d.server/proftpd
 %%ETCDIR%%/ignore.d.server/puppetd
 %%ETCDIR%%/ignore.d.server/pure-ftpd
+%%ETCDIR%%/ignore.d.server/pureftp
 %%ETCDIR%%/ignore.d.server/qpopper
 %%ETCDIR%%/ignore.d.server/rbldnsd
 %%ETCDIR%%/ignore.d.server/rpc_statd
@@ -113,6 +127,8 @@
 %%ETCDIR%%/ignore.d.server/squid
 %%ETCDIR%%/ignore.d.server/ssh
 %%ETCDIR%%/ignore.d.server/stunnel
+%%ETCDIR%%/ignore.d.server/su
+%%ETCDIR%%/ignore.d.server/sudo
 %%ETCDIR%%/ignore.d.server/sympa
 %%ETCDIR%%/ignore.d.server/syslogd
 %%ETCDIR%%/ignore.d.server/teapop
@@ -130,9 +146,10 @@
 %%ETCDIR%%/ignore.d.server/xinetd
 %%ETCDIR%%/ignore.d.workstation/automount
 %%ETCDIR%%/ignore.d.workstation/bind
-%%ETCDIR%%/ignore.d.workstation/bluez-utils
 %%ETCDIR%%/ignore.d.workstation/bluetooth-alsa
+%%ETCDIR%%/ignore.d.workstation/bluez-utils
 %%ETCDIR%%/ignore.d.workstation/bonobo
+%%ETCDIR%%/ignore.d.workstation/dhcpcd
 %%ETCDIR%%/ignore.d.workstation/francine
 %%ETCDIR%%/ignore.d.workstation/gconf
 %%ETCDIR%%/ignore.d.workstation/gdm
@@ -142,7 +159,10 @@
 %%ETCDIR%%/ignore.d.workstation/ippl
 %%ETCDIR%%/ignore.d.workstation/kdm
 %%ETCDIR%%/ignore.d.workstation/kernel
+%%ETCDIR%%/ignore.d.workstation/laptop-mode-tools
+%%ETCDIR%%/ignore.d.workstation/libpam-gnome-keyring
 %%ETCDIR%%/ignore.d.workstation/logcheck
+%%ETCDIR%%/ignore.d.workstation/login
 %%ETCDIR%%/ignore.d.workstation/net-acct
 %%ETCDIR%%/ignore.d.workstation/nntpcache
 %%ETCDIR%%/ignore.d.workstation/polypaudio
@@ -155,46 +175,19 @@
 %%ETCDIR%%/ignore.d.workstation/udev
 %%ETCDIR%%/ignore.d.workstation/wdm
 %%ETCDIR%%/ignore.d.workstation/winbind
+%%ETCDIR%%/ignore.d.workstation/wpasupplicant
 %%ETCDIR%%/ignore.d.workstation/xdm
 %%ETCDIR%%/ignore.d.workstation/xlockmore
-%%ETCDIR%%/logcheck.conf.sample
-%%ETCDIR%%/logcheck.logfiles.sample
+%%ETCDIR%%/ignore.d.workstation/xscreensaver
 %%ETCDIR%%/violations.d/kernel
 %%ETCDIR%%/violations.d/logcheck
 %%ETCDIR%%/violations.d/smartd
 %%ETCDIR%%/violations.d/su
 %%ETCDIR%%/violations.d/sudo
-%%ETCDIR%%/violations.ignore.d/logcheck-bind
-%%ETCDIR%%/violations.ignore.d/logcheck-bluez-utils
-%%ETCDIR%%/violations.ignore.d/logcheck-courier
-%%ETCDIR%%/violations.ignore.d/logcheck-cron-apt
-%%ETCDIR%%/violations.ignore.d/logcheck-cyrus
-%%ETCDIR%%/violations.ignore.d/logcheck-dcc
-%%ETCDIR%%/violations.ignore.d/logcheck-dovecot
-%%ETCDIR%%/violations.ignore.d/logcheck-hylafax
-%%ETCDIR%%/violations.ignore.d/logcheck-innd
-%%ETCDIR%%/violations.ignore.d/logcheck-kernel
-%%ETCDIR%%/violations.ignore.d/logcheck-login
-%%ETCDIR%%/violations.ignore.d/logcheck-mon
-%%ETCDIR%%/violations.ignore.d/logcheck-nagios
-%%ETCDIR%%/violations.ignore.d/logcheck-openvpn
-%%ETCDIR%%/violations.ignore.d/logcheck-passwd
-%%ETCDIR%%/violations.ignore.d/logcheck-pdns
-%%ETCDIR%%/violations.ignore.d/logcheck-postfix
-%%ETCDIR%%/violations.ignore.d/logcheck-proftpd
-%%ETCDIR%%/violations.ignore.d/logcheck-pureftp
-%%ETCDIR%%/violations.ignore.d/logcheck-samba
-%%ETCDIR%%/violations.ignore.d/logcheck-sasl2-bin
-%%ETCDIR%%/violations.ignore.d/logcheck-saslauthd
-%%ETCDIR%%/violations.ignore.d/logcheck-sendmail_tmp
-%%ETCDIR%%/violations.ignore.d/logcheck-smartd
-%%ETCDIR%%/violations.ignore.d/logcheck-spamd
-%%ETCDIR%%/violations.ignore.d/logcheck-squid
-%%ETCDIR%%/violations.ignore.d/logcheck-ssh
 %%ETCDIR%%/violations.ignore.d/logcheck-su
 %%ETCDIR%%/violations.ignore.d/logcheck-sudo
-%%ETCDIR%%/violations.ignore.d/logcheck-usb
-%%ETCDIR%%/violations.ignore.d/logcheck-winbind
+%%ETCDIR%%/logcheck.conf.sample
+%%ETCDIR%%/logcheck.logfiles.sample
 %%DATADIR%%/detectrotate/10-savelog.dtr
 %%DATADIR%%/detectrotate/20-logrotate.dtr
 %%DATADIR%%/detectrotate/30-logrotate-dateext.dtr |