Adrian von Bidder
2006-Jan-29 09:31 UTC
[Logcheck-devel] dh_installlogcheck (was: Re: Bug#350301: postgrey: logcheck file named incorrectly)
reassign 350301 debhelper thanks On Saturday 28 January 2006 19:11, Paul Traina wrote:> postgrey is installing the logcheck "violations.ignore.d" file as > > /etc/logcheck/violations.ignore.d/postgrey > > about a year or so ago, the logcheck maintainers extended the behavior > of the way logcheck violations are processed and a (desired) side effect > is that that file now needs to be namedAs far as I can tell, I use dh_installlogcheck as it is documented, i.e. by having package.logcheck.* files. dh_installlogcheck should then do the Right Thing(tm) for me automatically. So this is Somebody Else's Problem ;-) Besides: aren't the logcheck-* files delivered with logcheck itself, while the other files are delivered with the program's package? And if not - could you please enlighten me why this change is required? It seems a bit silly for me, that's what we have directories for, it's all in etc/logcheck/... after all. (Obviously: feel free to assign this bug back to me if I'm using debhelper the wrong way.) cheers -- vbi -- featured link: http://fortytwo.ch/gpg/intro -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 388 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20060129/2515d549/attachment.pgp
Paul Traina
2006-Jan-29 10:58 UTC
[Logcheck-devel] Re: dh_installlogcheck (was: Re: Bug#350301: postgrey: logcheck file named incorrectly)
I agree, I'm no logcheck expert, but if it behaves according to the manpage, it doesn't take into account the way logcheck handles violations and their corresponding ignores anymore. As I think I understand it (feel free to correct me), if a package wants to register security violation regexps, those should go in: /etc/logcheck/violations.d/<packagename> and ignore strings for THOSE, and only THOSE, regexps should go in: /etc/logcheck/violations.ignore.d/<packagename> The problem here is that logcheck-database includes a bunch of generic regexps as well, in the file /etc/logcheck/violations.d/logcheck which many packages trigger as false violations. Those packages, if well behaved, are responsible for installing a file: /etc/logcheck/violations.ignore.d/logcheck-<packagename> to explicitly stop those false positives. How do we do this with dh_installlogcheck. So, by observation, two problems: 1) dh_installlogcheck has no documented mechanism to install rules for violations.d 2) dh_installlogcheck has no documented mechanism to install rules for violations.ignore.d/logcheck-<packagename>