similar to: intermittent access this week

On Sat, 15 May 2004, CVS User ttroxell wrote: > if [ -f /etc/logcheck/header.txt ] ; then > - $CAT /etc/logcheck/header.txt >> $TMPDIR/report > + $CAT /etc/logcheck/header.txt >> $TMPDIR/report \ > + || error "Could not append header to $TMPDIR/report Disk full?" > fi > } > > @@ -152,7 +157,8 @@ > # Add a footer

Package: logcheck Version: 1.2.22a Severity: wishlist There is no support for imapproxy, and it would be a great help if it was added. Following are two sample lines from the syslog: Jun 11 09:36:55 MyHost in.imapproxyd[30845]: LOGOUT: '"MyUser"' from server sd [13] Jun 11 09:37:02 MyHost in.imapproxyd[30846]: LOGIN: '"MyUser"' (xxx.xxx.xxx.xx:yyyyy) on

hello everyone, thanks to todd 1.2.21 is out :) every release getting better, i would like to get consensus on these "important" bugs: #252078 logtail: should depend on perl >= 5.8 sarge as any other modern linux distro use perl 5.8.x, it's even inside of its base. backports are under the peril of its author if no one voices up, i'll close that bug in the next days.

Package: logcheck Version: 1.2.20a Severity: normal Followup-For: Bug #247360 I can't find NEWS.Debian in the package. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.5 Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R Versions of packages logcheck depends on: ii adduser

Package: logcheck Version: 1.2.20a Severity: important Since logcheck changed to run as user logcheck, the error mails of the cron daemon end up in /var/mail/logcheck where nobody reads them. Mails for logcheck should be aliased to root like all the other mails of system accounts. I was searching for a long time what was wrong with my logcheck not delivering any mails. The lock directory was

Package: logcheck-database Version: 1.2.22a Severity: normal Thanks to the upgrade to Postfix 2.1 and deploying a newer logcheck ruleset on a busier server I've found a bunch more rules for Postfix. I've attached new rules files and patches are inline. The following patch is for violations.ignore.d: --- logcheck-postfix.orig 2004-06-21 20:11:14.000000000 +0100 +++ logcheck-postfix

/usr/share/doc/logcheck-database/README.logcheck-database.gz Do you think that this file is insufficient, or did you just not see it? If the latter is the case, perhaps I should add a pointer to it in logcheck.8. Cheers, -- [ Todd J. Troxell ,''`. Student, Debian GNU/Linux Developer, SysAdmin, Geek : :' : http://debian.org ||

I have rules like this on my servers: ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[[:digit:].]{7,15}\]\) (- )USER [-_.[:alnum:]]+: no such user found from [._[:alnum:]-]+ \[[[:digit:].]{7,15}\]\ to [[:digit:].]{7,15}:21$ basically, I just don't care about logins as nonexistent users, I get so many of those that I don't even

Package: logcheck Version: 1.2.42 Severity: minor Tags: patch Logcheck does not report any error if the config file is not readable or does not exists. This may easily happen, as logcheck is run as logcheck user and while one is testing a new configuration on live system with running configuration intact. Following fragment may help: # Now source the config file - before things that should

A new archive was announced for packages that have need for frequent changes [see below]. In theory, we should not have to update logcheck rules in Sarge, because we know that it's packages, with the exception of security updates will remain constant. This does not change the fact that we may wish to update the database on sarge <: Any thoughts? -Todd ----- Forwarded message from

I'm not sure if this message ever made it to you, Jamie. I had a reverse DNS problem shortly after it was sent. ----- Forwarded message from Todd Troxell <ttroxell at debian.org> ----- Date: Wed, 1 Jun 2005 01:22:18 -0400 From: Todd Troxell <ttroxell at debian.org> To: "Jamie L. Penman-Smithson" <jamie at silverdream.org> Subject: Re: Logcheck rules from other

Package: logcheck Version: 1.2.32 Severity: important In postinst logcheck "fixes" permissions of /etc/logcheck/* to 750. In my (and others on #d-d) opinion ownership and permissions should be preserved upon package upgrades. Logcheck must not screw with my decision to make them world readable every time it configures. -- Peter

Package: logcheck Version: 1.2.20a Severity: serious Tags: patch On a system where sh points to dash and LANG=es_ES, I get this: # apt-get -y --reinstall install logcheck Leyendo lista de paquetes... 0% Leyendo lista de paquetes... 0% Leyendo lista de paquetes... 23% Leyendo lista de paquetes... Hecho Creando ?rbol de dependencias... 0% Creando ?rbol de dependencias... 0% Creando ?rbol de

apt-get install svn-buildpackage cat <<_eof >> ~/.svn-buildpackage.conf svn-lintian svn-linda svn-move _eof mkdir logcheck; cd logcheck svn co svn+ssh://svn.debian.org/svn/logcheck/logcheck/trunk cd trunk svn-buildpackage -k<your key ID> -rfakeroot man svn-buildpackage for more. Nice, huh? -- .''`. martin f. krafft <madduck at debian.org> : :' :

Package: logcheck Version: 1.2.34 Severity: wishlist I have a couple of home-made logcheck ignore files, and happened to have one unescaped (and unmatched) `(' in one of the filter lines. Because of this, cron sent a mail with the body "grep: Invalid regular expression" - the subject is the command in the "2 * * * *" line in /etc/cron.d/logcheck, of course. It would be

On Wed, 05 Jan 2005, CVS User ttroxell wrote: > @@ -70,6 +70,10 @@ > chown logcheck /var/lock/logcheck > /dev/null 2>&1 || true > fi > > + # fix for #284788 > + # update timestamp on cron > + touch /etc/cron.d/logcheck || true > + > ;; > > abort-upgrade|abort-remove|abort-deconfigure) on a box with a broken coreutils install

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I think I found a mistake in the postfix file in /etc/logcheck/ignore.d.server. There is one equal sign to much in this line: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [[:alnum:]]+: client=[^[:space:]]+, sasl_method=[[:alnum:]]+, sasl_username==[-_.@[:alnum:]]+$ I think it should be: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+

A non-text attachment was scrubbed... Name: parse_logcheck Type: application/octet-stream Size: 3860 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20040901/b1727d89/attachment.obj

Package: courier-imap-ssl,logcheck-database Severity: wishlist Please move /etc/logcheck/*/courier to the courier packages and out of logcheck-database. -- System Information: Debian Release: testing/unstable APT prefers stable APT policy: (700, 'stable'), (600, 'testing'), (98, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked

Package: logcheck Version: 1.2.43a Severity: normal -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have messages like these in my logs: Apr 27 10:05:49 localhost smartd[9357]: Device: /dev/hda, SMART Prefailure Attribute: 1 Raw_Read_Error_Rate changed from 58 to 57 Apr 27 10:05:49 localhost smartd[9357]: Device: /dev/hda, SMART Usage Attribute: 195 Hardware_ECC_Recovered changed from 58 to 57