Sebastian Ramacher
2013-Apr-24 14:39 UTC
[Logcheck-devel] Bug#706085: logcheck-database: update ssh rules for new "subsystem request for sftp" messages
Package: logcheck-database Version: 1.3.15 Severity: normal Tags: patch Dear maintainer, the rule to ignore "subsystem request for sftp" output from sshd doesn't match the actual output from sshd anymore. The openssh version in wheezy and above now also includes the username: Apr 24 14:19:28 rigel sshd[17449]: subsystem request for sftp by user sebastian The attached patch changes the rule to match the new output. Regards -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (650, 'unstable'), (601, 'testing'), (600, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- Sebastian Ramacher -------------- next part -------------- A non-text attachment was scrubbed... Name: logcheck-ssh.diff Type: text/x-diff Size: 1486 bytes Desc: not available URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20130424/0f2cbab8/attachment.diff> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 836 bytes Desc: Digital signature URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20130424/0f2cbab8/attachment.pgp>
Debian Bug Tracking System
2014-Jan-26 19:06 UTC
[Logcheck-devel] Bug#706085: marked as done (logcheck-database: update ssh rules for new "subsystem request for sftp" messages)
Your message dated Sun, 26 Jan 2014 19:03:37 +0000 with message-id <E1W7UzZ-000234-Qz at franck.debian.org> and subject line Bug#706085: fixed in logcheck 1.3.16 has caused the Debian Bug report #706085, regarding logcheck-database: update ssh rules for new "subsystem request for sftp" messages to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner at bugs.debian.org immediately.) -- 706085: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706085 Debian Bug Tracking System Contact owner at bugs.debian.org with problems -------------- next part -------------- An embedded message was scrubbed... From: Sebastian Ramacher <sramacher at debian.org> Subject: logcheck-database: update ssh rules for new "subsystem request for sftp" messages Date: Wed, 24 Apr 2013 16:39:11 +0200 Size: 6213 URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20140126/0a7196b1/attachment.mht> -------------- next part -------------- An embedded message was scrubbed... From: Hannes von Haugwitz <hannes at vonhaugwitz.com> Subject: Bug#706085: fixed in logcheck 1.3.16 Date: Sun, 26 Jan 2014 19:03:37 +0000 Size: 6469 URL: <http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20140126/0a7196b1/attachment-0001.mht>
Apparently Analagous Threads
- Bug#566107: logcheck-database: with violations.d/logcheck empty most rules in violations.ignore.d look useless
- Bug#397466: logcheck-database: proftpd rules do not support IPv6 addresses with UseReverseDNS off
- Bug#437478: logcheck-database: No rules for puppet included
- Bug#545318: logcheck-database: please add rule for newgrp messages
- Bug#617527: logcheck-database: incomplete rules for scponly-full