Date: Sun, 7 Feb 2021 20:05:26 +0000 (UTC) From: Neel Chauhan <nc@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r564643 - in head/security/logcheck: . files Message-ID: <202102072005.117K5QQg001363@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: nc Date: Sun Feb 7 20:05:26 2021 New Revision: 564643 URL: https://svnweb.freebsd.org/changeset/ports/564643 Log: security/logcheck: Update to 1.3.22 Also, unconditionally enable the CRON option by default. Changes: https://salsa.debian.org/debian/logcheck/-/blob/debian/1.3.22/debian/changelog PR: 253223 Submitted by: Yasuhiro Kimura <yasu AT utahime DOT org> (maintainer) Modified: head/security/logcheck/Makefile head/security/logcheck/distinfo head/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh head/security/logcheck/files/patch-rulefiles_linux_ignore.d.server_sudo head/security/logcheck/pkg-plist Modified: head/security/logcheck/Makefile ============================================================================== --- head/security/logcheck/Makefile Sun Feb 7 19:57:45 2021 (r564642) +++ head/security/logcheck/Makefile Sun Feb 7 20:05:26 2021 (r564643) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= logcheck -PORTVERSION= 1.3.20 -PORTREVISION= 1 +PORTVERSION= 1.3.22 CATEGORIES= security MASTER_SITES= DEBIAN_POOL DISTNAME= ${PORTNAME}_${PORTVERSION} @@ -33,9 +32,7 @@ RUNDIR= ${BASEDIR}/var/run/${PORTNAME} OPTIONS_DEFINE= CRON DOCS EXAMPLES CRON_DESC= Install cron script automatically -.if !defined(BATCH) OPTIONS_DEFAULT=CRON -.endif WRKSRC= ${WRKDIR}/${PORTNAME} BINMODE= 755 Modified: head/security/logcheck/distinfo ============================================================================== --- head/security/logcheck/distinfo Sun Feb 7 19:57:45 2021 (r564642) +++ head/security/logcheck/distinfo Sun Feb 7 20:05:26 2021 (r564643) @@ -1,3 +1,3 @@ -TIMESTAMP = 1551524817 -SHA256 (logcheck_1.3.20.tar.xz) = 9fb6d02b933470d0b1d1efb54ea186e0d0d27336f9d146be592f65ce60dfb3e6 -SIZE (logcheck_1.3.20.tar.xz) = 132004 +TIMESTAMP = 1612336082 +SHA256 (logcheck_1.3.22.tar.xz) = 7bb5de44d945b1ec6556c90ad8e9cb4e6355fc44b6c5653effe00495ec55e84e +SIZE (logcheck_1.3.22.tar.xz) = 133456 Modified: head/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh ============================================================================== --- head/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh Sun Feb 7 19:57:45 2021 (r564642) +++ head/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh Sun Feb 7 20:05:26 2021 (r564643) @@ -1,22 +1,11 @@ ---- rulefiles/linux/ignore.d.server/ssh.orig 2019-03-01 22:27:31 UTC +--- rulefiles/linux/ignore.d.server/ssh.orig 2021-01-28 19:50:10 UTC +++ rulefiles/linux/ignore.d.server/ssh @@ -14,7 +14,7 @@ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Postponed keyboard-interactive(/pam)? for (invalid user )?[^[:space:]]+ from [^[:space:]]+ port [[:digit:]]+( (ssh|ssh2)( \[preauth\])?)?$ + ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Postponed keyboard-interactive(/pam)? for (invalid user )?[^[:space:]]+ from [^[:space:]]+ port [[:digit:]]{1,5}( (ssh|ssh2)( \[preauth\])?)?$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+: [12]: Timeout, server not responding\.$ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+(: | port [[:digit:]]+:)11: (disconnected by user|Closed due to user request\.)$ + ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:.[:xdigit:]]+(: | port [[:digit:]]{1,5}:)11: (disconnected by user|Closed due to user request\.|Bye Bye \[preauth\])$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: .{0,256} \[preauth\]$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: .{0,255} \[preauth\]$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: Client disconnect$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Received disconnect from [:[:xdigit:].]+: [[:digit:]]+: Disconnect requested by Windows SSH Client\.$ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnected from [:[:xdigit:].]+ port [[:digit:]]+$ -@@ -27,8 +27,8 @@ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) check pass; user unknown$ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: \(pam_unix\) bad username \[[^]]+\]$ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: Could not get shadow information for NOUSER$ --^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: Authentication failure for( illegal user)? [^[:space:]]+ from ([:.[:xdigit:]]+|UNKNOWN|[-_.[:alnum:]]+)$ --^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: User not known to the underlying authentication module for i(llegal|nvalid) user [^[:space:]]+ from ([:.[:xdigit:]]+|UNKNOWN|[-_.[:alnum:]]+)$ -+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: authentication error for( illegal user)? [^[:space:]]+ from ([:.[:xdigit:]]+|UNKNOWN|[-_.[:alnum:]]+)$ -+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: PAM: unknown user for i(llegal|nvalid) user [^[:space:]]+ from ([:.[:xdigit:]]+|UNKNOWN|[-_.[:alnum:]]+)$ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: error: ssh_msg_send: write$ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Timeout before authentication for [:[:alnum:].]+$ - ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: fatal: Write failed: (Connection (timed out|reset by peer)|Broken pipe)$ + ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sshd\[[[:digit:]]+\]: Disconnected from( (invalid|authenticating))?( user [^[:space:]]+)? [:[:xdigit:].]+ port [[:digit:]]{1,5}( \[preauth\])?$ Modified: head/security/logcheck/files/patch-rulefiles_linux_ignore.d.server_sudo ============================================================================== --- head/security/logcheck/files/patch-rulefiles_linux_ignore.d.server_sudo Sun Feb 7 19:57:45 2021 (r564642) +++ head/security/logcheck/files/patch-rulefiles_linux_ignore.d.server_sudo Sun Feb 7 20:05:26 2021 (r564643) @@ -1,11 +1,11 @@ ---- rulefiles/linux/ignore.d.server/sudo.orig 2018-05-30 21:59:13 UTC +--- rulefiles/linux/ignore.d.server/sudo.orig 2021-01-30 08:46:14 UTC +++ rulefiles/linux/ignore.d.server/sudo @@ -1,4 +1,4 @@ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo: pam_[[:alnum:]]+\(sudo:session\): session closed for user [[:alnum:]-]+$ --^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo: pam_[[:alnum:]]+\(sudo:session\): session opened for user [[:alnum:]-]+ by ([[:alnum:]-]+)?\(uid=[0-9]+\)$ +-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo: pam_[[:alnum:]]+\(sudo:session\): session opened for user [[:alnum:]-]+(\(uid=[[:digit:]]+\))? by ([[:alnum:]-]+)?\(uid=[0-9]+\)$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:].-]+ : TTY=(unknown|(pts/|tty|vc/)[[:digit:]]+) ; PWD=[^;]+ ; USER=[._[:alnum:]-]+ ; COMMAND=(/(usr|etc|bin|sbin)/|sudoedit ).*$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:].-]+ : \(command continued\).*$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?: pam_[[:alnum:]]+\(sudo:session\): session closed for user [[:alnum:]-]+$ -+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?: pam_[[:alnum:]]+\(sudo:session\): session opened for user [[:alnum:]-]+ by ([[:alnum:]-]+)?\(uid=[0-9]+\)$ ++^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?: pam_[[:alnum:]]+\(sudo:session\): session opened for user [[:alnum:]-]+(\(uid=[[:digit:]]+\))? by ([[:alnum:]-]+)?\(uid=[0-9]+\)$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?:[[:space:]]+[_[:alnum:].-]+ : TTY=(unknown|(pts/|tty|vc/)[[:digit:]]+) ; PWD=[^;]+ ; USER=[._[:alnum:]-]+ ; COMMAND=(/(usr|etc|bin|sbin)/|sudoedit ).*$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo(\[[[:digit:]]+\])?:[[:space:]]+[_[:alnum:].-]+ : \(command continued\).*$ Modified: head/security/logcheck/pkg-plist ============================================================================== --- head/security/logcheck/pkg-plist Sun Feb 7 19:57:45 2021 (r564642) +++ head/security/logcheck/pkg-plist Sun Feb 7 20:05:26 2021 (r564643) @@ -135,6 +135,7 @@ %%ETCDIR%%/ignore.d.server/sympa %%ETCDIR%%/ignore.d.server/syslogd %%ETCDIR%%/ignore.d.server/systemd +%%ETCDIR%%/ignore.d.server/systemd-logind %%ETCDIR%%/ignore.d.server/systemd-timesyncd %%ETCDIR%%/ignore.d.server/teapop %%ETCDIR%%/ignore.d.server/telnetd
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202102072005.117K5QQg001363>