Tim White
2012-Jul-17 22:31 UTC
[Logcheck-devel] Bug#681934: logcheck-database: More dovecot rule enhancements
Package: logcheck-database Version: 1.3.13 Severity: normal Newer dovecot versions change the format of some log messages. Updated the rules to ignore those messages (including some case insensative matches) *** dovecot.rules.patch --- dovecot.rules.original 2012-07-15 07:06:46.617611118 +0000 +++ dovecot.rules 2012-07-17 22:25:35.909249523 +0000 @@ -1,6 +1,6 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (dovecot: )?(imap|pop3)-login: Disconnected \[[.:[:xdigit:]]+\]$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (dovecot: )?deliver\([-_.@[:alnum:]]+\): msgid=<?[^\(]*>?( \((added by [^[:space:]]+|sfid-[_[:xdigit:]]+)\)?)?[[:space:]]*: (saved mail to [-_.[:alnum:]]+|(forwarded|discarded duplicate forward) to <[^[:space:]]+>)$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (dovecot: )?deliver\([-_.@[:alnum:]]+\): sieve: msgid=<?[^\(]*>?( \(((added by )?[^[:space:]]+|sfid-[_[:xdigit:]]+)\)?)?[[:space:]]*: (stored mail into mailbox '.*'|marked message to be discarded if not explicitly delivered \(discard action\)|(forwarded to|sent vacation response to|discarding vacation response for message implicitly delivered to|not sending vacation response to system address|discarding vacation response to mailinglist recipient|discarded vacation reply to|discarding vacation response to (auto-submitted|precedence=bulk) message from|discarded duplicate (vacation response|forward) to) <[^[:space:]]*>)$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (dovecot: )?(deliver|lda)\([-_.@[:alnum:]]+\): msgid=<?[^\(]*>?( \((added by [^[:space:]]+|sfid-[_[:xdigit:]]+)\)?)?[[:space:]]*: (saved mail to [-_.[:alnum:]]+|(forwarded|discarded duplicate forward) to <[^[:space:]]+>)$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ (dovecot: )?(deliver|lda)\([-_.@[:alnum:]]+\): sieve: msgid=<?[^\(]*>?( \(((added by )?[^[:space:]]+|sfid-[_[:xdigit:]]+)\)?)?[[:space:]]*: (stored mail into mailbox '.*'|marked message to be discarded if not explicitly delivered \(discard action\)|(forwarded to|sent vacation response to|discarding vacation response for message implicitly delivered to|not sending vacation response to system address|discarding vacation response to mailinglist recipient|discarded vacation reply to|discarding vacation response to (auto-submitted|precedence=bulk) message from|discarded duplicate (vacation response|forward) to) <[^[:space:]]*>)$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: \(pam_unix\) authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=([-_.@[:alnum:]]+)? rhost=([.:[:xdigit:]]+)?( user=[-_.@[:alnum:]]+)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: \(pam_unix\) check pass; user unknown$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot-auth: pam_unix\(dovecot:[[:alnum:]]+\): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=([-_.@[:alnum:]]+)? rhost=([.:[:xdigit:]]+)?( user=[-_.@[:alnum:]]+)?$ @@ -11,11 +11,11 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: (Disconnected|Aborted login)(: Inactivity)? (\(no auth attempts\):|\(auth failed, [[:digit:]]+ attempts\): user=<[-_.@[:alnum:]]+>, method=PLAIN,|\(aborted authentication\): method=PLAIN,) rip=[.[:digit:]]+, lip=[.[:digit:]]+, (TLS|SSL)(( handshaking)?(: Disconnected)?|: SSL_read\(\) syscall failed: Connection reset by peer)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Disconnected: ((Too many invalid commands|Inactivity): )?(user=<[-_.@[:alnum:]]+>, )?(method=[[:alnum:]-]+, )?rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+(, (TLS( handshake)?|secured))?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Disconnected: Logged out$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Login: user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+(, (TLS( handshake)?|secured))?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: IMAP\([-_.@[:alnum:]]+\): Connection closed(: Connection reset by peer)?( bytes=[[:digit:]]+/[[:digit:]]+)?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: IMAP\([-_.@[:alnum:]]+\): Disconnected(: Logged out| for inactivity|: Disconnected| in [[:upper:]]+|: Too many invalid IMAP commands\.)?( bytes=[[:digit:]]+/[[:digit:]]+)?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: IMAP\([-_.@[:alnum:]]+\): Fixed index file /[-._/[:alnum:]&]+/dovecot\.index: first_(recent|unseen)_uid_lowwater [[:digit:]]+ -> [[:digit:]]+$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: POP3\([-_.@[:alnum:]]+\): Disconnected(: Logged out| for inactivity|: Disconnected)? top=[[:digit:]]+/[[:digit:]]+, retr=[[:digit:]]+/[[:digit:]]+, del=[[:digit:]]+/[[:digit:]]+, size=[[:digit:]]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|imap)-login: Login: user=<[-_.@[:alnum:]]+>, method=[[:alnum:]-]+, rip=[.:[:xdigit:]]+, lip=[.:[:xdigit:]]+, mpid=[.:[:xdigit:]]+(, (TLS( handshake)?|secured))?(, session=<[+/[:alnum:]]+>)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (imap|IMAP)\([-_.@[:alnum:]]+\): Connection closed(: Connection reset by peer)?( bytes=[[:digit:]]+/[[:digit:]]+)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (imap|IMAP)\([-_.@[:alnum:]]+\): Disconnected(: Logged out| for inactivity|: Disconnected| in [[:upper:]]+|: Too many invalid IMAP commands\.)?( bytes=[[:digit:]]+/[[:digit:]]+)?( in=[[:digit:]]+ out=[[:digit:]]+)?$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (imap|IMAP)\([-_.@[:alnum:]]+\): Fixed index file /[-._/[:alnum:]&]+/dovecot\.index: first_(recent|unseen)_uid_lowwater [[:digit:]]+ -> [[:digit:]]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: (pop3|POP3)\([-_.@[:alnum:]]+\): Disconnected(: Logged out| for inactivity|: Disconnected)? top=[[:digit:]]+/[[:digit:]]+, retr=[[:digit:]]+/[[:digit:]]+, del=[[:digit:]]+/[[:digit:]]+, size=[[:digit:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth-worker\([-_.[:alnum:]]+\): (pg|my)sql: Connected to [-_.[:alnum:]]+ \([-_.[:alnum:]]+\)$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\(-_.[[:alnum:]]+\): (pg|my)sql: Connected to [-_.[:alnum:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dovecot: auth\([[:alnum:]]+\): client in: AUTH [[:digit:]]+[[:space:]]+[[:alnum:]-]+[[:space:]]+service=IMAP[[:space:]]+(secured )?lip=[.:[:xdigit:]]+[[:space:]]+rip=[.:[:xdigit:]]+[[:space:]]+resp=<hidden>$ -- System Information: Debian Release: 6.0.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.4.2-linode44 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Configuration Files: /etc/logcheck/cracking.d/kernel [Errno 13] Permission denied: u'/etc/logcheck/cracking.d/kernel' /etc/logcheck/cracking.d/rlogind [Errno 13] Permission denied: u'/etc/logcheck/cracking.d/rlogind' /etc/logcheck/cracking.d/rsh [Errno 13] Permission denied: u'/etc/logcheck/cracking.d/rsh' /etc/logcheck/cracking.d/smartd [Errno 13] Permission denied: u'/etc/logcheck/cracking.d/smartd' /etc/logcheck/cracking.d/tftpd [Errno 13] Permission denied: u'/etc/logcheck/cracking.d/tftpd' /etc/logcheck/cracking.d/uucico [Errno 13] Permission denied: u'/etc/logcheck/cracking.d/uucico' /etc/logcheck/ignore.d.paranoid/bind [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/bind' /etc/logcheck/ignore.d.paranoid/cron [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/cron' /etc/logcheck/ignore.d.paranoid/incron [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/incron' /etc/logcheck/ignore.d.paranoid/logcheck [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/logcheck' /etc/logcheck/ignore.d.paranoid/postfix [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/postfix' /etc/logcheck/ignore.d.paranoid/ppp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/ppp' /etc/logcheck/ignore.d.paranoid/pureftp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/pureftp' /etc/logcheck/ignore.d.paranoid/qpopper [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/qpopper' /etc/logcheck/ignore.d.paranoid/squid [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/squid' /etc/logcheck/ignore.d.paranoid/ssh [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/ssh' /etc/logcheck/ignore.d.paranoid/stunnel [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/stunnel' /etc/logcheck/ignore.d.paranoid/sysklogd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/sysklogd' /etc/logcheck/ignore.d.paranoid/telnetd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/telnetd' /etc/logcheck/ignore.d.paranoid/tripwire [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/tripwire' /etc/logcheck/ignore.d.paranoid/usb [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/usb' /etc/logcheck/ignore.d.server/acpid [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/acpid' /etc/logcheck/ignore.d.server/amandad [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/amandad' /etc/logcheck/ignore.d.server/amavisd-new [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/amavisd-new' /etc/logcheck/ignore.d.server/anacron [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/anacron' /etc/logcheck/ignore.d.server/anon-proxy [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/anon-proxy' /etc/logcheck/ignore.d.server/apache [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/apache' /etc/logcheck/ignore.d.server/apcupsd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/apcupsd' /etc/logcheck/ignore.d.server/arpwatch [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/arpwatch' /etc/logcheck/ignore.d.server/asterisk [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/asterisk' /etc/logcheck/ignore.d.server/automount [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/automount' /etc/logcheck/ignore.d.server/bind [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/bind' /etc/logcheck/ignore.d.server/bluez-utils [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/bluez-utils' /etc/logcheck/ignore.d.server/courier [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/courier' /etc/logcheck/ignore.d.server/cpqarrayd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/cpqarrayd' /etc/logcheck/ignore.d.server/cpufreqd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/cpufreqd' /etc/logcheck/ignore.d.server/cron [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/cron' /etc/logcheck/ignore.d.server/cron-apt [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/cron-apt' /etc/logcheck/ignore.d.server/cups-lpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/cups-lpd' /etc/logcheck/ignore.d.server/cvs-pserver [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/cvs-pserver' /etc/logcheck/ignore.d.server/cvsd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/cvsd' /etc/logcheck/ignore.d.server/cyrus [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/cyrus' /etc/logcheck/ignore.d.server/dcc [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dcc' /etc/logcheck/ignore.d.server/ddclient [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/ddclient' /etc/logcheck/ignore.d.server/dhclient [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dhclient' /etc/logcheck/ignore.d.server/dhcp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dhcp' /etc/logcheck/ignore.d.server/dictd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dictd' /etc/logcheck/ignore.d.server/dkfilter [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dkfilter' /etc/logcheck/ignore.d.server/dkim-filter [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dkim-filter' /etc/logcheck/ignore.d.server/dnsmasq [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dnsmasq' /etc/logcheck/ignore.d.server/dovecot [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dovecot' /etc/logcheck/ignore.d.server/dspam [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/dspam' /etc/logcheck/ignore.d.server/epmd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/epmd' /etc/logcheck/ignore.d.server/exim4 [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/exim4' /etc/logcheck/ignore.d.server/fcron [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/fcron' /etc/logcheck/ignore.d.server/ftpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/ftpd' /etc/logcheck/ignore.d.server/git-daemon [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/git-daemon' /etc/logcheck/ignore.d.server/gnu-imap4d [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/gnu-imap4d' /etc/logcheck/ignore.d.server/gps [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/gps' /etc/logcheck/ignore.d.server/grinch [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/grinch' /etc/logcheck/ignore.d.server/horde3 [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/horde3' /etc/logcheck/ignore.d.server/hplip [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/hplip' /etc/logcheck/ignore.d.server/hylafax [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/hylafax' /etc/logcheck/ignore.d.server/ikiwiki [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/ikiwiki' /etc/logcheck/ignore.d.server/imap [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/imap' /etc/logcheck/ignore.d.server/imapproxy [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/imapproxy' /etc/logcheck/ignore.d.server/imp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/imp' /etc/logcheck/ignore.d.server/imp4 [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/imp4' /etc/logcheck/ignore.d.server/innd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/innd' /etc/logcheck/ignore.d.server/ipppd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/ipppd' /etc/logcheck/ignore.d.server/isdnlog [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/isdnlog' /etc/logcheck/ignore.d.server/isdnutils [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/isdnutils' /etc/logcheck/ignore.d.server/jabberd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/jabberd' /etc/logcheck/ignore.d.server/kernel [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/kernel' /etc/logcheck/ignore.d.server/klogind [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/klogind' /etc/logcheck/ignore.d.server/krb5-kdc [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/krb5-kdc' /etc/logcheck/ignore.d.server/libpam-krb5 [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/libpam-krb5' /etc/logcheck/ignore.d.server/libpam-mount [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/libpam-mount' /etc/logcheck/ignore.d.server/logcheck [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/logcheck' /etc/logcheck/ignore.d.server/login [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/login' /etc/logcheck/ignore.d.server/maradns [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/maradns' /etc/logcheck/ignore.d.server/mldonkey-server [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/mldonkey-server' /etc/logcheck/ignore.d.server/mon [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/mon' /etc/logcheck/ignore.d.server/mountd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/mountd' /etc/logcheck/ignore.d.server/nagios [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/nagios' /etc/logcheck/ignore.d.server/netconsole [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/netconsole' /etc/logcheck/ignore.d.server/nfs [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/nfs' /etc/logcheck/ignore.d.server/nntpcache [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/nntpcache' /etc/logcheck/ignore.d.server/nscd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/nscd' /etc/logcheck/ignore.d.server/nslcd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/nslcd' /etc/logcheck/ignore.d.server/openvpn [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/openvpn' /etc/logcheck/ignore.d.server/otrs [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/otrs' /etc/logcheck/ignore.d.server/passwd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/passwd' /etc/logcheck/ignore.d.server/pdns [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/pdns' /etc/logcheck/ignore.d.server/perdition [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/perdition' /etc/logcheck/ignore.d.server/policyd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/policyd' /etc/logcheck/ignore.d.server/popa3d [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/popa3d' /etc/logcheck/ignore.d.server/postfix [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/postfix' /etc/logcheck/ignore.d.server/postfix-policyd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/postfix-policyd' /etc/logcheck/ignore.d.server/ppp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/ppp' /etc/logcheck/ignore.d.server/pptpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/pptpd' /etc/logcheck/ignore.d.server/procmail [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/procmail' /etc/logcheck/ignore.d.server/proftpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/proftpd' /etc/logcheck/ignore.d.server/puppetd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/puppetd' /etc/logcheck/ignore.d.server/pure-ftpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/pure-ftpd' /etc/logcheck/ignore.d.server/pureftp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/pureftp' /etc/logcheck/ignore.d.server/qpopper [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/qpopper' /etc/logcheck/ignore.d.server/rbldnsd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/rbldnsd' /etc/logcheck/ignore.d.server/rpc_statd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/rpc_statd' /etc/logcheck/ignore.d.server/rsnapshot [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/rsnapshot' /etc/logcheck/ignore.d.server/rsync [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/rsync' /etc/logcheck/ignore.d.server/sa-exim [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/sa-exim' /etc/logcheck/ignore.d.server/samba [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/samba' /etc/logcheck/ignore.d.server/saned [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/saned' /etc/logcheck/ignore.d.server/sasl2-bin [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/sasl2-bin' /etc/logcheck/ignore.d.server/saslauthd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/saslauthd' /etc/logcheck/ignore.d.server/schroot [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/schroot' /etc/logcheck/ignore.d.server/scponly [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/scponly' /etc/logcheck/ignore.d.server/slapd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/slapd' /etc/logcheck/ignore.d.server/smartd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/smartd' /etc/logcheck/ignore.d.server/smbd_audit [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/smbd_audit' /etc/logcheck/ignore.d.server/smokeping [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/smokeping' /etc/logcheck/ignore.d.server/snmpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/snmpd' /etc/logcheck/ignore.d.server/snort [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/snort' /etc/logcheck/ignore.d.server/spamc [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/spamc' /etc/logcheck/ignore.d.server/spamd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/spamd' /etc/logcheck/ignore.d.server/squid [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/squid' /etc/logcheck/ignore.d.server/ssh [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/ssh' /etc/logcheck/ignore.d.server/stunnel [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/stunnel' /etc/logcheck/ignore.d.server/su [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/su' /etc/logcheck/ignore.d.server/sudo [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/sudo' /etc/logcheck/ignore.d.server/sympa [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/sympa' /etc/logcheck/ignore.d.server/syslogd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/syslogd' /etc/logcheck/ignore.d.server/teapop [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/teapop' /etc/logcheck/ignore.d.server/telnetd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/telnetd' /etc/logcheck/ignore.d.server/tftpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/tftpd' /etc/logcheck/ignore.d.server/thy [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/thy' /etc/logcheck/ignore.d.server/ucd-snmp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/ucd-snmp' /etc/logcheck/ignore.d.server/upsd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/upsd' /etc/logcheck/ignore.d.server/uptimed [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/uptimed' /etc/logcheck/ignore.d.server/userv [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/userv' /etc/logcheck/ignore.d.server/vsftpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/vsftpd' /etc/logcheck/ignore.d.server/watchdog [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/watchdog' /etc/logcheck/ignore.d.server/webmin [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/webmin' /etc/logcheck/ignore.d.server/wu-ftpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/wu-ftpd' /etc/logcheck/ignore.d.server/xinetd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/xinetd' /etc/logcheck/ignore.d.workstation/automount [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/automount' /etc/logcheck/ignore.d.workstation/bind [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/bind' /etc/logcheck/ignore.d.workstation/bluetooth-alsa [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/bluetooth-alsa' /etc/logcheck/ignore.d.workstation/bluez-utils [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/bluez-utils' /etc/logcheck/ignore.d.workstation/bonobo [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/bonobo' /etc/logcheck/ignore.d.workstation/dhcpcd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/dhcpcd' /etc/logcheck/ignore.d.workstation/francine [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/francine' /etc/logcheck/ignore.d.workstation/gconf [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/gconf' /etc/logcheck/ignore.d.workstation/gdm [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/gdm' /etc/logcheck/ignore.d.workstation/hald [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/hald' /etc/logcheck/ignore.d.workstation/hcid [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/hcid' /etc/logcheck/ignore.d.workstation/ifplugd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/ifplugd' /etc/logcheck/ignore.d.workstation/ippl [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/ippl' /etc/logcheck/ignore.d.workstation/kdm [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/kdm' /etc/logcheck/ignore.d.workstation/kernel [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/kernel' /etc/logcheck/ignore.d.workstation/laptop-mode-tools [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/laptop-mode-tools' /etc/logcheck/ignore.d.workstation/libpam-gnome-keyring [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/libpam-gnome-keyring' /etc/logcheck/ignore.d.workstation/logcheck [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/logcheck' /etc/logcheck/ignore.d.workstation/login [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/login' /etc/logcheck/ignore.d.workstation/net-acct [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/net-acct' /etc/logcheck/ignore.d.workstation/nntpcache [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/nntpcache' /etc/logcheck/ignore.d.workstation/polypaudio [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/polypaudio' /etc/logcheck/ignore.d.workstation/postfix [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/postfix' /etc/logcheck/ignore.d.workstation/ppp [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/ppp' /etc/logcheck/ignore.d.workstation/proftpd [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/proftpd' /etc/logcheck/ignore.d.workstation/pump [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/pump' /etc/logcheck/ignore.d.workstation/sendfile [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/sendfile' /etc/logcheck/ignore.d.workstation/slim [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/slim' /etc/logcheck/ignore.d.workstation/squid [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/squid' /etc/logcheck/ignore.d.workstation/udev [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/udev' /etc/logcheck/ignore.d.workstation/wdm [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/wdm' /etc/logcheck/ignore.d.workstation/winbind [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/winbind' /etc/logcheck/ignore.d.workstation/wpasupplicant [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/wpasupplicant' /etc/logcheck/ignore.d.workstation/xdm [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/xdm' /etc/logcheck/ignore.d.workstation/xlockmore [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.workstation/xlockmore' /etc/logcheck/violations.d/kernel [Errno 13] Permission denied: u'/etc/logcheck/violations.d/kernel' /etc/logcheck/violations.d/logcheck [Errno 13] Permission denied: u'/etc/logcheck/violations.d/logcheck' /etc/logcheck/violations.d/smartd [Errno 13] Permission denied: u'/etc/logcheck/violations.d/smartd' /etc/logcheck/violations.d/su [Errno 13] Permission denied: u'/etc/logcheck/violations.d/su' /etc/logcheck/violations.d/sudo [Errno 13] Permission denied: u'/etc/logcheck/violations.d/sudo' /etc/logcheck/violations.ignore.d/logcheck-su [Errno 13] Permission denied: u'/etc/logcheck/violations.ignore.d/logcheck-su' /etc/logcheck/violations.ignore.d/logcheck-sudo [Errno 13] Permission denied: u'/etc/logcheck/violations.ignore.d/logcheck-sudo' -- no debconf information
Tim White
2012-Jul-17 22:47 UTC
[Logcheck-devel] Bug#681934: Acknowledgement (logcheck-database: More dovecot rule enhancements)
Just to clarify, these rules are written based off Dovecot 2.1.8 (from http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.1/). 2.1.7 is currently in backports. They should still work with 1.2.15 as found in stable.