Re: System log monitor

Steve wrote:
> With packages having their own violations/ignore files you can add a
> separate header to each one. So a logcheck pass would look like ..
>   Security Violations
>   =-=-=-=-=-=-=-=-=-=
>   <result of running through violations/violations.ignore>
>   (package foo) Violations
>   =-=-=-=-=-=-=-=-=-=-=
>   <result of running through foo.violations/ignore>
>   Unusual System Events
>   =-=-=-=-=-=-=-=-=-=-=
>   <The rest>
Looks nice. I think I will do this.

> Admittedly, separate violations files may be more of a modification to
> logcheck than debian policy allows, in which case I've been prattling
> inanely :)  Then using update-logcheck to generate violations/ignore
> files that don't require altering logcheck is definitely the neatest
> solution.
Hmm, am I mistaken in my belief that the policy states *how* a piece of software
should be packaged (given that it has the correct license), but not *what* a
piece of software should do (given that it doesn't do anything malicious)? I
had to patch the logcheck.sh script anyway to fix the other bug reports, so I
can't see how policy should prevent the change you proposed above.

best greets,
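
The report layout proposed in the quoted text, sketched as an added example that is not part of the original message and is not logcheck's own code. The rule-file names (`violations`, `<package>.violations`, `*.ignore`, `ignore`), the function names, and the log lines are assumptions constructed for illustration.

```sh
# Added example; rule-file names and sample data are assumptions.
# section TITLE: print stdin under a header, or nothing if stdin is empty.
section() {
    body=$(cat)
    [ -n "$body" ] || return 0
    printf '%s\n=-=-=-=-=-=-=-=-=-=\n%s\n\n' "$1" "$body"
}

# filter MATCH IGNORE: stdin lines matching MATCH patterns but not IGNORE ones.
filter() {
    ign=$2; [ -f "$ign" ] || ign=/dev/null
    grep -E -f "$1" | grep -E -v -f "$ign"
}

# logcheck_pass LOGFILE RULEDIR: global section, one per package, then the rest.
logcheck_pass() {
    tmp=$(mktemp -d); cp "$1" "$tmp/rest"
    for v in "$2/violations" "$2"/*.violations; do
        [ -f "$v" ] || continue
        pkg=${v##*/}; pkg=${pkg%.violations}
        title="(package $pkg) Violations"
        [ "$pkg" != violations ] || title='Security Violations'
        filter "$v" "$v.ignore" < "$tmp/rest" > "$tmp/hits" || true
        section "$title" < "$tmp/hits"
        grep -F -x -v -f "$tmp/hits" "$tmp/rest" > "$tmp/next" || true  # drop reported lines
        mv "$tmp/next" "$tmp/rest"
    done
    ign=$2/ignore; [ -f "$ign" ] || ign=/dev/null
    grep -E -v -f "$ign" "$tmp/rest" | section 'Unusual System Events'
    rm -rf "$tmp"
}

# demo: run the pass over constructed rules and constructed log lines.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'authentication failure' > "$d/violations"
    printf '%s\n' 'user=backup' > "$d/violations.ignore"
    printf '%s\n' 'foo\[[0-9]+\]: .*denied' > "$d/foo.violations"
    printf '%s\n' 'cron\[[0-9]+\]' > "$d/ignore"
    cat > "$d/log" <<'EOF'
Jan  1 10:00:01 host sshd[101]: authentication failure; user=root
Jan  1 10:00:02 host sshd[102]: authentication failure; user=backup
Jan  1 10:00:03 host foo[200]: request denied for client 192.0.2.7
Jan  1 10:00:04 host cron[300]: (root) CMD (run-parts /etc/cron.hourly)
Jan  1 10:00:05 host kernel: eth0: link down
EOF
    logcheck_pass "$d/log" "$d"; rm -rf "$d"
}
demo
```

In this sketch a line suppressed by `violations.ignore` still shows up under Unusual System Events, because only the global `ignore` file filters that last section.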

