similar to: [ttroxell@debian.org: Re: Logcheck rules from other packages]

Package: courier-imap-ssl,logcheck-database Severity: wishlist Please move /etc/logcheck/*/courier to the courier packages and out of logcheck-database. -- System Information: Debian Release: testing/unstable APT prefers stable APT policy: (700, 'stable'), (600, 'testing'), (98, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked

Package: logcheck Version: 1.2.34 Severity: wishlist I have a couple of home-made logcheck ignore files, and happened to have one unescaped (and unmatched) `(' in one of the filter lines. Because of this, cron sent a mail with the body "grep: Invalid regular expression" - the subject is the command in the "2 * * * *" line in /etc/cron.d/logcheck, of course. It would be

A new archive was announced for packages that have need for frequent changes [see below]. In theory, we should not have to update logcheck rules in Sarge, because we know that it's packages, with the exception of security updates will remain constant. This does not change the fact that we may wish to update the database on sarge <: Any thoughts? -Todd ----- Forwarded message from

/usr/share/doc/logcheck-database/README.logcheck-database.gz Do you think that this file is insufficient, or did you just not see it? If the latter is the case, perhaps I should add a pointer to it in logcheck.8. Cheers, -- [ Todd J. Troxell ,''`. Student, Debian GNU/Linux Developer, SysAdmin, Geek : :' : http://debian.org ||

Package: logcheck Version: 1.2.41 Severity: minor man (8) logcheck says: For hints on how to maintain rules, see README.logcheck-database.gz, but this file is not included in /usr/share/doc/logcheck. micah -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel:

Package: logcheck-database Version: 1.2.28 Severity: wishlist Could you add support for dnsmasq for the server profile? This is the standard dnsmasq output. ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dnsmasq\[[[:digit:]]+\]: read /etc/hosts - [[:digit:]]+ addresses$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ dnsmasq\[[[:digit:]]+\]: reading /etc/resolv.conf$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+

Perhaps we do not need to have logcheck user in base if we install our own rules with dh_installlogcheck. Related: http://lists.alioth.debian.org/pipermail/logcheck-devel/2005-September/002096.html -- Todd Troxell http://rapidpacket.com/~xtat

On Sat, 15 May 2004, CVS User ttroxell wrote: > if [ -f /etc/logcheck/header.txt ] ; then > - $CAT /etc/logcheck/header.txt >> $TMPDIR/report > + $CAT /etc/logcheck/header.txt >> $TMPDIR/report \ > + || error "Could not append header to $TMPDIR/report Disk full?" > fi > } > > @@ -152,7 +157,8 @@ > # Add a footer

package: logcheck-database version: 1.2.23 severity: wishlist The current regexp's for postfix/lmtp.. ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/lmtp\[[0-9]+\]: [0-9A-F]: to=<[^[:space:]]+>, orig_to=<[^[:space:]]+>, relay=[^[:space:]]+\], delay=[0-9]+ status=sent \(250 2\.1\.5 Ok\)$ ..doesn't catch these messages: Jul 15 17:15:16 lorien postfix/lmtp[17151]: C1170480008B:

Processing commands for control at bugs.debian.org: > reassign 352043 logcheck Bug#352043: please integrate dovecot logcheck rule in the dovecot-common package Bug reassigned from package `dovecot-common' to `logcheck'. > retitle 352043 Please provide a backport of logcheck Bug#352043: please integrate dovecot logcheck rule in the dovecot-common package Changed Bug title. >

Package: logcheck Version: 1.2.35 Severity: minor Manual page reads: SYNOPSIS logcheck [TIONS] Perhaps it was intended to read: SYNOPSIS logcheck [OPTIONS] -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked

Package: logcheck-database Version: 1.2.39 Severity: wishlist These are the subject of an am-utils FAQ <URL:http://www.am-utils.org/docs/am-utils/FAQ.txt> and would be useful in the ignored list. Note that it's either `newer' or `older'. Jun 14 14:32:25 albion kernel: nfs warning: mount version newer than kernel Jun 14 14:37:54 dlsy kernel: nfs warning: mount version older

Package: logcheck Version: 1.2.41 Severity: wishlist Hi folks, thanks for your work maintaining logcheck, it works well. When my users read their mail using imap (usually via squirrelmail, not sure about other clients) I get a message like this in the log: Aug 22 21:03:32 phoenix imapd[6551]: Moved 11323 bytes of new mail to /home/winky/mail/mbox from /var/spool/mail/winky host= localhost

Package: logcheck Severity: wishlist I see no reason why /etc/logcheck should have any more permissions than 0750. Please consider removing access rights from 'other'. -- System Information: Debian Release: testing/unstable APT prefers stable APT policy: (700, 'stable'), (600, 'testing'), (98, 'unstable'), (1, 'experimental') Architecture: i386 (i686)

Package: logcheck-database Version: 1.2.40 Severity: normal Tags: patch There are one line that is not properly ignored. I include in the report a better version. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (400, 'testing'), (300, 'unstable'), (200, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-k7 Locale:

Package: logcheck-database Version: 1.2.40 Severity: wishlist Hi, Please duplicate the imap-login related lines and change them to filter out the equivalent messages emitted by pop3-login. regards Andrew -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel:

Martin F. Krafft (madduck) has been added to the project. P.S. I'd like to get a release out sometime next week. -- Todd Troxell http://rapidpacket.com/~xtat -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url :

package logcheck-database tags 125794 pending tags 191637 pending thanks I've been running the latest version of qpopper from unstable for a few days and I've added the following rules to CVS: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: connect from [._[:alnum:]-]+$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ in.qpopper\[[0-9]+\]: \(v[.[:digit:]]+\) POP login by user

Package: logcheck Version: 1.2.32 Severity: important In postinst logcheck "fixes" permissions of /etc/logcheck/* to 750. In my (and others on #d-d) opinion ownership and permissions should be preserved upon package upgrades. Logcheck must not screw with my decision to make them world readable every time it configures. -- Peter

On Wed, 05 Jan 2005, CVS User ttroxell wrote: > @@ -70,6 +70,10 @@ > chown logcheck /var/lock/logcheck > /dev/null 2>&1 || true > fi > > + # fix for #284788 > + # update timestamp on cron > + touch /etc/cron.d/logcheck || true > + > ;; > > abort-upgrade|abort-remove|abort-deconfigure) on a box with a broken coreutils install