Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 7 Feb 2021 20:05:26 +0000 (UTC)
From:      Neel Chauhan <nc@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r564643 - in head/security/logcheck: . files
Message-ID:  <202102072005.117K5QQg001363@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: nc
Date: Sun Feb  7 20:05:26 2021
New Revision: 564643
URL: https://svnweb.freebsd.org/changeset/ports/564643

Log:
  security/logcheck: Update to 1.3.22
  
  Also, unconditionally enable the CRON option by default.
  
  Changes: https://salsa.debian.org/debian/logcheck/-/blob/debian/1.3.22/debian/changelog
  
  PR:		253223
  Submitted by:	Yasuhiro Kimura <yasu AT utahime DOT org> (maintainer)

Modified:
  head/security/logcheck/Makefile
  head/security/logcheck/distinfo
  head/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh
  head/security/logcheck/files/patch-rulefiles_linux_ignore.d.server_sudo
  head/security/logcheck/pkg-plist

Modified: head/security/logcheck/Makefile
==============================================================================
--- head/security/logcheck/Makefile	Sun Feb  7 19:57:45 2021	(r564642)
+++ head/security/logcheck/Makefile	Sun Feb  7 20:05:26 2021	(r564643)
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	logcheck
-PORTVERSION=	1.3.20
-PORTREVISION=	1
+PORTVERSION=	1.3.22
 CATEGORIES=	security
 MASTER_SITES=	DEBIAN_POOL
 DISTNAME=	${PORTNAME}_${PORTVERSION}
@@ -33,9 +32,7 @@ RUNDIR=		${BASEDIR}/var/run/${PORTNAME}
 
 OPTIONS_DEFINE=	CRON DOCS EXAMPLES
 CRON_DESC=	Install cron script automatically
-.if !defined(BATCH)
 OPTIONS_DEFAULT=CRON
-.endif
 
 WRKSRC=		${WRKDIR}/${PORTNAME}
 BINMODE=	755

Modified: head/security/logcheck/distinfo
==============================================================================
--- head/security/logcheck/distinfo	Sun Feb  7 19:57:45 2021	(r564642)
+++ head/security/logcheck/distinfo	Sun Feb  7 20:05:26 2021	(r564643)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1551524817
-SHA256 (logcheck_1.3.20.tar.xz) = 9fb6d02b933470d0b1d1efb54ea186e0d0d27336f9d146be592f65ce60dfb3e6
-SIZE (logcheck_1.3.20.tar.xz) = 132004
+TIMESTAMP = 1612336082
+SHA256 (logcheck_1.3.22.tar.xz) = 7bb5de44d945b1ec6556c90ad8e9cb4e6355fc44b6c5653effe00495ec55e84e
+SIZE (logcheck_1.3.22.tar.xz) = 133456

Modified: head/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh
==============================================================================
--- head/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh	Sun Feb  7 19:57:45 2021	(r564642)
+++ head/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh	Sun Feb  7 20:05:26 2021	(r564643)
@@ -1,22 +1,11 @@
---- rulefiles/linux/ignore.d.server/ssh.orig	2019-03-01 22:27:31 UTC
+--- rulefiles/linux/ignore.d.server/ssh.orig	2021-01-28 19:50:10 UTC
 +++ rulefiles/linux/ignore.d.server/ssh
 @@ -14,7 +14,7 @@
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Postponed keyboard-interactive(/pam)? for (invalid user )?[^[:space:]]+ from [^[:space:]]+ port [[:digit:]]+( (ssh|ssh2)( \[preauth\])?)?$
+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Postponed keyboard-interactive(/pam)? for (invalid user )?[^[:space:]]+ from [^[:space:]]+ port [[:digit:]]{1,5}( (ssh|ssh2)( \[preauth\])?)?$
  ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: [12]: Timeout, server not responding\.$
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+(: | port [[:digit:]]+:)11: (disconnected by user|Closed due to user request\.)$
+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+(: | port [[:digit:]]{1,5}:)11: (disconnected by user|Closed due to user request\.|Bye Bye \[preauth\])$
 -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: .{0,256} \[preauth\]$
 +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: .{0,255} \[preauth\]$
  ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: Client disconnect$
  ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: Disconnect requested by Windows SSH Client\.$
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnected from [:[:xdigit:].]+ port [[:digit:]]+$
-@@ -27,8 +27,8 @@
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) check pass; user unknown$
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) bad username \[[^]]+\]$
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: Could not get shadow information for NOUSER$
--^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: Authentication failure for( illegal user)? [^[:space:]]+ from ([:.[:xdigit:]]+|UNKNOWN|[-_.[:alnum:]]+)$
--^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: User not known to the underlying authentication module for i(llegal|nvalid) user [^[:space:]]+ from ([:.[:xdigit:]]+|UNKNOWN|[-_.[:alnum:]]+)$
-+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: authentication error for( illegal user)? [^[:space:]]+ from ([:.[:xdigit:]]+|UNKNOWN|[-_.[:alnum:]]+)$
-+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: unknown user for i(llegal|nvalid) user [^[:space:]]+ from ([:.[:xdigit:]]+|UNKNOWN|[-_.[:alnum:]]+)$
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: ssh_msg_send: write$
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Timeout before authentication for [:[:alnum:].]+$
- ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: (Connection (timed out|reset by peer)|Broken pipe)$
+ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnected from( (invalid|authenticating))?( user [^[:space:]]+)? [:[:xdigit:].]+ port [[:digit:]]{1,5}( \[preauth\])?$

Modified: head/security/logcheck/files/patch-rulefiles_linux_ignore.d.server_sudo
==============================================================================
--- head/security/logcheck/files/patch-rulefiles_linux_ignore.d.server_sudo	Sun Feb  7 19:57:45 2021	(r564642)
+++ head/security/logcheck/files/patch-rulefiles_linux_ignore.d.server_sudo	Sun Feb  7 20:05:26 2021	(r564643)
@@ -1,11 +1,11 @@
---- rulefiles/linux/ignore.d.server/sudo.orig	2018-05-30 21:59:13 UTC
+--- rulefiles/linux/ignore.d.server/sudo.orig	2021-01-30 08:46:14 UTC
 +++ rulefiles/linux/ignore.d.server/sudo
 @@ -1,4 +1,4 @@
 -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo: pam_[[:alnum:]]+\(sudo:session\): session closed for user [[:alnum:]-]+$
--^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo: pam_[[:alnum:]]+\(sudo:session\): session opened for user [[:alnum:]-]+ by ([[:alnum:]-]+)?\(uid=[0-9]+\)$
+-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo: pam_[[:alnum:]]+\(sudo:session\): session opened for user [[:alnum:]-]+(\(uid=[[:digit:]]+\))? by ([[:alnum:]-]+)?\(uid=[0-9]+\)$
 -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:].-]+ : TTY=(unknown|(pts/|tty|vc/)[[:digit:]]+) ; PWD=[^;]+ ; USER=[._[:alnum:]-]+ ; COMMAND=(/(usr|etc|bin|sbin)/|sudoedit ).*$
 -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:].-]+ : \(command continued\).*$
 +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?: pam_[[:alnum:]]+\(sudo:session\): session closed for user [[:alnum:]-]+$
-+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?: pam_[[:alnum:]]+\(sudo:session\): session opened for user [[:alnum:]-]+ by ([[:alnum:]-]+)?\(uid=[0-9]+\)$
++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?: pam_[[:alnum:]]+\(sudo:session\): session opened for user [[:alnum:]-]+(\(uid=[[:digit:]]+\))? by ([[:alnum:]-]+)?\(uid=[0-9]+\)$
 +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?:[[:space:]]+[_[:alnum:].-]+ : TTY=(unknown|(pts/|tty|vc/)[[:digit:]]+) ; PWD=[^;]+ ; USER=[._[:alnum:]-]+ ; COMMAND=(/(usr|etc|bin|sbin)/|sudoedit ).*$
 +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?:[[:space:]]+[_[:alnum:].-]+ : \(command continued\).*$

Modified: head/security/logcheck/pkg-plist
==============================================================================
--- head/security/logcheck/pkg-plist	Sun Feb  7 19:57:45 2021	(r564642)
+++ head/security/logcheck/pkg-plist	Sun Feb  7 20:05:26 2021	(r564643)
@@ -135,6 +135,7 @@
 %%ETCDIR%%/ignore.d.server/sympa
 %%ETCDIR%%/ignore.d.server/syslogd
 %%ETCDIR%%/ignore.d.server/systemd
+%%ETCDIR%%/ignore.d.server/systemd-logind
 %%ETCDIR%%/ignore.d.server/systemd-timesyncd
 %%ETCDIR%%/ignore.d.server/teapop
 %%ETCDIR%%/ignore.d.server/telnetd



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202102072005.117K5QQg001363>