Installed logcheck 1.1.1-11 (all source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 9 Nov 2001 15:59:14 +0100
Source: logcheck
Binary: logcheck-database logcheck logtail
Architecture: source all
Version: 1.1.1-11
Distribution: unstable
Urgency: high
Maintainer: Rene Mayrhofer <rmayr@debian.org>
Changed-By: Rene Mayrhofer <rene.mayrhofer@debian.org>
Description:
logcheck - Mails anomalies in the system logfiles to the administrator
logcheck-database - A database of system log rules for the use of log checkers
logtail - Returns parts of logfiles that have not already been returned
Closes: 50966 70926 79836 86726 87225 89614 90836 90862 94234 95592 96319 97172 99106 99619 103397 108227 108370 108720 110010 110412 111198 111549 111915 113185 113305 113842 117537 118423 118494 118800
Changes:
logcheck (1.1.1-11) unstable; urgency=high
.
FTP maintainers: please decide on your own if this should go into stable. It
might be a good idea because it fixes some possible security bugs and also
has some features that I keep getting bug reports about (the current version
in stable is ancient).
.
This release fixes a serious bug (FHS problem) and also fixes A LOT of old
bug reports. I am sorry for being inactive on this package for such a long
time, but now I am going back to active development. If you want any feature,
then simply file a bug report.
I am now going through bug reports and mails asking for the addition of
ignore rules to logcheck and I will reassign those bugs to the appropriate
packages. Now that logcheck has a stable mechanism for package specific
rules files, please use it. Those rules will be definitely more up-to-date
when they come with the package that generates the log messages to be
filtered. If you have any rules that you would like to be added to the
default installation and they clearly belong to a single package, then
please ask the maintainer of this package.
I would really like to see this package going from optional to standard
priority, but I need quite some help from others to achieve this. The goal
should be that - on workstation logging level - the user only gets an email
when seomthing goes terribly wrong. This way, logcheck can be installed on
all new Debian installations without causing inconvenience for users, but
offering them a notification tool if something is really broken (or better:
before something gets broken). And with the current size of the logcheck
package, space should be no problem....
* Moved offset data from /var/state/logcheck to /var/lib/logcheck to comply
with FHS.
Closes: #108227
* Incorporated a shell snippet from Markus Gutschke for reading configured
logfiles from /etc/syslog.conf. This way, logcheck can automatically
fill /etc/logcheck/logcheck.logfiles with correct values.
Update: Disabled the code for now because the sed expression does not
take log file names starting with a "-" in account. If anybody wants to
correct this sed expression in the logcheck postinst, please let me know.
I just want to get this release out, finally.....
* Changed maintainer to rmayr@debian.org.
* Updated policy version to 3.5.6.0 (this really was a warp jump....).
* Remove empty lines from rules files before using them. This fixes a
security problem, because empty lines act as wildcards. Therefore
one single rule file with an empty line would prevent all log entries
from being displayed.
(Idea and one line of shell snippet borrowed from Steve Smith.)
Closes: #50966
* Split logtail in its own package.
* Split the logcheck rules database in an own package logcheck-database.
Closes: #117537
* Change naming of offset files in /var/lib/logcheck so that watching
/var/log/nmessages and /var/log/local/someapp/messages will work.
Closes: #94234, #108720
* Fixed a small typo in logcheck.sh.
Closes: #99619
* Removed /etc/logcheck/ignore.d.paranoid/sendmail, since it is now
included in the sendmail package.
Closes: #113305, #118423, #111549, #110010, #111915
* The removal problems should now be fixed (now not printing anything in
postrm anymore - this seemed to be a problem with the debhelper-generated
debconf cleanup stuff).
Closes: #90836, #110412
* Fixed handling of ignore greppings.
Closes: #95592, #87225
* Fixed another small bug with grepping ignore files.
Closes: #118494
* Do not install the INSTALL file anymore.
* Corrected spelling errors.
Closes: #90862, #99106
* Renamed /etc/logcheck/*hacking* to /etc/logcheck/*cracking*
Closes: #96319
* Corrected the sorting of lines in logcheck.sh so that lines with the same
timestamp get their order preserved.
Cloeses: #111597
* Changed string "Security Violations" to "Possible Security Violations" in
sent mails.
Closes: #113185
* Do not use logtail.c from the original logcheck package anymore, but a
perl version by Paul Slootman. This makes the package architecture
independent.
Closes: #89614
* Run logcheck on reboot (using a line with @reboot in /etc/cron.d/logcheck).
Closes: #97172
* Make symbolic links in /etc/logcheck relative.
Closes: #108370
* Allow comments in /etc/logcheck/logfiles
Closes: #111198
* Renamed logcheck.sh to logcheck.
Closes: #113842
* Finally fixed the problem with logrotation.
Closes: #70926, #79836, #118800
.
This is from 1.1.1-10 (never uploaded, only internal testing), but repeated
here because of the closed bug report.
* There should be no more problems with duplicate entries in
logcheck.ignore.workstation, because now this file is quite minimal and
not generated from diffs to logcheck.ignore.paranoid anymore.
Closes: #86726
.
* Users, please use the newest logcheck version, 1.1.1-4 is ancient. Those
bugs have been closed quite some time ago:
Closes: #103397
Files:
d8423f3c65ff9d54cbb7e9448ad86be8 648 admin optional logcheck_1.1.1-11.dsc
4cfef57ddcaf14b4d24b565c12765e53 23651 admin optional logcheck_1.1.1-11.diff.gz
31680a42776b08a80683c6c49a728a14 24072 admin optional logcheck_1.1.1-11_all.deb
9dce851c30356f9b3c3a727394d07407 15382 admin optional logcheck-database_1.1.1-11_all.deb
10baefce5a989492dde96a2b6759fdf3 8600 admin optional logtail_1.1.1-11_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjv29vkACgkQq7SPDcPCS95wJQCeLVgn7roH8wKWWgtDqYxgLJYr
AJAAoLko3h+hA2Zxt2ZbwvXbYKRyiBGb
=Lnud
-----END PGP SIGNATURE-----
Installed:
logcheck-database_1.1.1-11_all.deb
to pool/main/l/logcheck/logcheck-database_1.1.1-11_all.deb
logcheck_1.1.1-11.diff.gz
to pool/main/l/logcheck/logcheck_1.1.1-11.diff.gz
logcheck_1.1.1-11.dsc
to pool/main/l/logcheck/logcheck_1.1.1-11.dsc
logcheck_1.1.1-11_all.deb
to pool/main/l/logcheck/logcheck_1.1.1-11_all.deb
logtail_1.1.1-11_all.deb
to pool/main/l/logcheck/logtail_1.1.1-11_all.deb
Reply to: