similar to: Bug#652537: Please add rule for inetutils-syslogd

Package: logcheck Version: 1.2.32 Severity: wishlist /etc/cron.daily/sysklogd restarts syslogd at the end of the script. This causes a daily log message, currently missed by logcheck: Jan 14 06:55:22 pyloric syslogd 1.4.1#16: restart (remote reception). I'm currently using this regex in ignore.server.d/local-syslogd: ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ syslogd 1\.4\.1#16: restart \(remote

Hi, Not sure when this stopped working, because I'm sure it used to. This is the cygwin build of rsync, with the standard cygwin rsh (which is a fairly old GNU inetutils 1.3.2). ~=> rsync --rsh=rsh -vv bibble: opening connection using rsh bibble rsync --server --sender -vvr . rsh: unknown option -- server Try `rsh --help' for more information. rsync: connection unexpectedly closed

Package: logcheck Version: 1.2.69 Severity: normal Tags: patch -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.30.4-vs2.3.0.36.14-pre4 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages logcheck depends

Package: logcheck Version: 1.2.69 Severity: normal In the file /etc/logcheck/ignore.d.server/wu-ftpd ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wu-ftpd: PAM-listfile: Refused user [._[:alnum:]-]+ for service wu-ftpd$ should be ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ wu-ftpd\[[0-9]{4}\]: PAM-listfile: Refused user [._[:alnum:]-]+ for service wu-ftpd$ There is a number after "wu-ftpd" -- System

Hello, It's a bit off topic, but I'm hoping someone has seen this before. I'm running a couple of headless boxes, one is 4.7 release, the other is 4.8 release. Both have the same issue with newsyslog when I've got the serial port enabled for console management. (-h in boot.conf and a getty running on cuaa0 after the boot process) Logrotate tries to send an HUP to syslogd, but

Hello! on my centos 4.4 i have enable selinux, but after this change syslogd can't no more run: # /etc/init.d/syslog restart Shutting down kernel logger: [ OK ] Shutting down system logger: [FAILED] Starting system logger: syslogd: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or

Hi all. Bug bin/8865 strikes again? I have a FreeBSD 4.8 Release machine. After sometime, the logs just aren't modified, syslogd just doesn't log. The last entry on /var/log/messages is from may 15. Could this be caused to use a serial console (-P on /boot.config, no keyboard attached) to access the machine? There was once a time that when i Control^D'ed on the serial console and

I made a quick change to syslogd(8) so that it can drop root privileges immediately after starting up. It opens up the log sockets (UNIX and network domains) and writes the PID files before dropping privs. It drops privs before openning log files and writing to users. Therefore, you would need to modify your log file permissions appropriately. As for writing to users, ttys generally are writeable

Hi, There have been several replies on the syslogd question. All 2 to 4 lines long. I therefore gathered them here. Roger. ----------------------------------------------------------------- From: Paul Kenyon <pkenyon@loctech.com> Date: Wed, 24 Jun 1998 11:37:01 -0500 I believe it is possible to pipe anything through SSH. I''ll find the URL to the info and post it. I

Package: logcheck Version: 1.2.69 Severity: normal logcheck is a "batchy" job, but currently runs at normal I/O priority, and is hard-coded to run with a niceness of 10. As a result logcheck can degrade interactive performance on machines with a lot of log traffic, relatively slow CPU or expensive I/O. It'd be useful if the "ionice" and "schedtool" utilities

Package: logcheck Version: 1.2.69 Severity: normal Tags: patch Logcheck's reports contains many messages like: Feb 7 19:03:57 srv dhcpd: DHCPREQUEST for 172.21.0.126 from 00:19:7e:9f:cc:32 (Hostname Unsuitable for Printing) via eth0 Feb 7 19:03:57 srv dhcpd: DHCPACK on 172.21.0.126 to 00:19:7e:9f:cc:32 (Hostname Unsuitable for Printing) via eth0 I create file

Yesterday I activated SELinux in targeted mode, then I rebooted and started receiving some error messages in the system services initialization: ====================================================================== audit(1156518721.252:2): avc: denied { read } for pid=2223 comm="syslogd" name="libc-2.3.4.so" dev=dm-0 ino=50441 scontext=user_u:system_r:syslogd_t

In response to my post regarding core-sdi's secure syslogd - ssyslogd. Sorry it has taken me so long to post this...been super busy... I didn't get a lot of responses back from the list regarding ssyslogd. Just a couple of people who said they were using it, and it was working. I grabbed the latest version (ssyslogd-1.22) from http://www.core-sdi.com/ssyslog/. I had a problem compiling

> > Second, why don''t you implement a "black box" log system ? > > That''s all log generated by all hosts on your network is forwarded > > to a seperate log machine called black box. Such computer grants > > no access to any body whatsoever except for user "root" loginning on > > the console. > > how to setup a

Hi all, I have installed a CentOS4.3 box and migrated some application from FC1 to the new box, everything else runs perfectly except syslogd/klogd. /etc/rc.d/init.d/syslog starts without any problem, but there is nothing logged into /var/log/messages, even I restart the service. However, I tried to shut the service down and run "syslogd -m 0 &" and "klogd -x &" as

" Message from syslogd at localhost at Aug 27 08:57:53 ... kernel:Disabling IRQ #17" is the message I got on all my terminal windows at the time indicated. What is it complaining about? What should I do about it? I got some information from dmesg. It mentions IRQ 17, but the only error is from before the most recent hibernation. Here are some excerpts, in order from dmesg: SELinux:

Just updated our syslog server to 4.8-STABLE #0: Mon Apr 7 09:39:27 EDT 2003 In my rc.conf I have: # fgrep syslog /etc/rc.conf syslogd_program="/usr/local/sbin/syslog-ng" syslogd_flags="" Syslog-ng starts up appropriately; but syslogd also tries to start now. Since the port's already in use, rc hangs during boot until I ctrl-c at that point. Perhaps something's not

--------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: Denial of service attack in syslogd Advisory ID: RHSA-1999:055-01 Issue date: 1999-11-19 Updated on: 1999-11-19 Keywords: syslogd sysklogd stream socket Cross references: bugtraq id #809 --------------------------------------------------------------------- 1. Topic: A

tags 475553 wontfix thanks While I completely agree that this /should/ be fixed in logcheck, it can't be, since the logcheck rulefile format *sucks*, meaning /every/ rule would have to be extended to support both styles. I am sorry, but I have to mark this wontfix. I hope that one day, someone will get up and write logfilter, which I've started to draft on the wiki.logcheck.org page.

I'm not sure if this message ever made it to you, Jamie. I had a reverse DNS problem shortly after it was sent. ----- Forwarded message from Todd Troxell <ttroxell at debian.org> ----- Date: Wed, 1 Jun 2005 01:22:18 -0400 From: Todd Troxell <ttroxell at debian.org> To: "Jamie L. Penman-Smithson" <jamie at silverdream.org> Subject: Re: Logcheck rules from other