similar to: New logcheck committer

I have rules like this on my servers: ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ proftpd\[[[:digit:]]+\]: [._[:alnum:]-]+ \([._[:alnum:]-]+\[[[:digit:].]{7,15}\]\) (- )USER [-_.[:alnum:]]+: no such user found from [._[:alnum:]-]+ \[[[:digit:].]{7,15}\]\ to [[:digit:].]{7,15}:21$ basically, I just don't care about logins as nonexistent users, I get so many of those that I don't even

apt-get install svn-buildpackage cat <<_eof >> ~/.svn-buildpackage.conf svn-lintian svn-linda svn-move _eof mkdir logcheck; cd logcheck svn co svn+ssh://svn.debian.org/svn/logcheck/logcheck/trunk cd trunk svn-buildpackage -k<your key ID> -rfakeroot man svn-buildpackage for more. Nice, huh? -- .''`. martin f. krafft <madduck at debian.org> : :' :

/usr/share/doc/logcheck-database/README.logcheck-database.gz Do you think that this file is insufficient, or did you just not see it? If the latter is the case, perhaps I should add a pointer to it in logcheck.8. Cheers, -- [ Todd J. Troxell ,''`. Student, Debian GNU/Linux Developer, SysAdmin, Geek : :' : http://debian.org ||

Package: courier-imap-ssl,logcheck-database Severity: wishlist Please move /etc/logcheck/*/courier to the courier packages and out of logcheck-database. -- System Information: Debian Release: testing/unstable APT prefers stable APT policy: (700, 'stable'), (600, 'testing'), (98, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked

I'm not sure if this message ever made it to you, Jamie. I had a reverse DNS problem shortly after it was sent. ----- Forwarded message from Todd Troxell <ttroxell at debian.org> ----- Date: Wed, 1 Jun 2005 01:22:18 -0400 From: Todd Troxell <ttroxell at debian.org> To: "Jamie L. Penman-Smithson" <jamie at silverdream.org> Subject: Re: Logcheck rules from other

Hey team, I'll be at sea on and off this week, and as such my Internet access will depend on wifi availability while in port. 22a seems stable, but if any critical problems arise, feel free to prepare a release and bug Alfie to upload it. On the brighter side, I expect to be extremely bored while offline so I'll probably get some logcheck work done. <: Cheers, -- [ Todd J.

A new archive was announced for packages that have need for frequent changes [see below]. In theory, we should not have to update logcheck rules in Sarge, because we know that it's packages, with the exception of security updates will remain constant. This does not change the fact that we may wish to update the database on sarge <: Any thoughts? -Todd ----- Forwarded message from

On Sat, 15 May 2004, CVS User ttroxell wrote: > if [ -f /etc/logcheck/header.txt ] ; then > - $CAT /etc/logcheck/header.txt >> $TMPDIR/report > + $CAT /etc/logcheck/header.txt >> $TMPDIR/report \ > + || error "Could not append header to $TMPDIR/report Disk full?" > fi > } > > @@ -152,7 +157,8 @@ > # Add a footer

Package: logcheck Version: 1.2.20a Severity: important Since logcheck changed to run as user logcheck, the error mails of the cron daemon end up in /var/mail/logcheck where nobody reads them. Mails for logcheck should be aliased to root like all the other mails of system accounts. I was searching for a long time what was wrong with my logcheck not delivering any mails. The lock directory was

Package: logcheck Version: 1.2.34 Severity: wishlist I have a couple of home-made logcheck ignore files, and happened to have one unescaped (and unmatched) `(' in one of the filter lines. Because of this, cron sent a mail with the body "grep: Invalid regular expression" - the subject is the command in the "2 * * * *" line in /etc/cron.d/logcheck, of course. It would be

Package: logcheck Version: 1.2.42 Severity: minor Tags: patch Logcheck does not report any error if the config file is not readable or does not exists. This may easily happen, as logcheck is run as logcheck user and while one is testing a new configuration on live system with running configuration intact. Following fragment may help: # Now source the config file - before things that should

Package: logcheck Version: 1.2.20a Severity: normal Followup-For: Bug #247360 I can't find NEWS.Debian in the package. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.5 Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R Versions of packages logcheck depends on: ii adduser

On Wed, 05 Jan 2005, CVS User ttroxell wrote: > @@ -70,6 +70,10 @@ > chown logcheck /var/lock/logcheck > /dev/null 2>&1 || true > fi > > + # fix for #284788 > + # update timestamp on cron > + touch /etc/cron.d/logcheck || true > + > ;; > > abort-upgrade|abort-remove|abort-deconfigure) on a box with a broken coreutils install

Package: logcheck-database Version: 1.2.33 Severity: normal I just installed 1.2.33, and it made my rules dirs setuid, not setgid... - Marc -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (900, 'testing'), (300, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.8-1-k7 Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1) Versions of

hello everyone, thanks to todd 1.2.21 is out :) every release getting better, i would like to get consensus on these "important" bugs: #252078 logtail: should depend on perl >= 5.8 sarge as any other modern linux distro use perl 5.8.x, it's even inside of its base. backports are under the peril of its author if no one voices up, i'll close that bug in the next days.

Package: logcheck Version: 1.2.32 Severity: minor "Ghandi" should be "Gandhi" in README.how.to.interpret, assuming that you mean the Indian freedom fighter M.K. Gandhi a.k.a. Mahatma Gandhi. -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.7 Locale: LANG=C, LC_CTYPE=C

Package: logtail Version: 1.2.33 Severity: normal Hi... Logtail should not output error messages to standard output, since this violates the principle of least surprise. In particular, my application was broken by the semantics of logtail changing in version 1.2.21 (when you added switches for the default arguments to logtail). I think this was a bad move -- you broke an interface used by

Dear list, I am running dovecot 1.2.15 on a Debian server. One user reports continuous problems synchronising her mailbox via IMAP (offlineimap, via SSH tunnel or SSL socket). It seems that she has a large, locally-created message, but the uplink bandwidth seems to be not enough to push it before dovecot times out the APPEND command. The error/exception happens inside offlineimap's Python

At the moment I've no host with which to test ppp/lp things on. If you (or anyone) could provide complete regexes, (each beginning with ^ and ending with $) I will patch the rules accordingly. If not, sending the full log lines is a good start. Thanks! -- [ Todd J. Troxell ,''`. Student, Debian GNU/Linux Developer, SysAdmin, Geek :

Package: logcheck Version: 1.2.32 Severity: important In postinst logcheck "fixes" permissions of /etc/logcheck/* to 750. In my (and others on #d-d) opinion ownership and permissions should be preserved upon package upgrades. Logcheck must not screw with my decision to make them world readable every time it configures. -- Peter