Date: Thu, 18 Jun 2020 18:26:02 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 247389] 800.loginfail and 900.tcpwrap (/etc/periodic/security) don't produce output Message-ID: <bug-247389-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247389 Bug ID: 247389 Summary: 800.loginfail and 900.tcpwrap (/etc/periodic/security) don't produce output Product: Base System Version: 12.1-STABLE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: conf Assignee: bugs@FreeBSD.org Reporter: xaphod@sdf.org /etc/periodic/security/800.loginfail /etc/periodic/security/900.tcpwrap Perhaps it's just me missing the bleeding obvious, but these two scripts appear to be wired backwards, and therefore don't produce output. Also, the egrep regex in 800.loginfail doesn't work for me either. A quick edit & test... and all appears to work as intended. --- 800.loginfail-old 2019-10-19 19:05:16.208356000 +0000 +++ 800.loginfail 2020-06-18 18:24:45.772960000 +0000 @@ -46,7 +46,7 @@ yesterday=`date -v-1d "+%b %e "` catmsgs() { - find ${LOG} -name 'auth.log.*' -mtime -2 | + find ${LOG} -name 'messages.*' -mtime -2 | sort -t. -r -n -k 2,2 | while read f do @@ -55,7 +55,7 @@ *.bz2) bzcat -f $f;; esac done - [ -f ${LOG}/auth.log ] && cat $LOG/auth.log + [ -f ${LOG}/messages ] && cat $LOG/messages } rc=0 @@ -64,7 +64,7 @@ then echo "" echo "${host} login failures:" - n=$(catmsgs | egrep -ia "^$yesterday.*: .*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" | + n=$(catmsgs | egrep -ia "^$yesterday.*: .*\<(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\>" | tee /dev/stderr | wc -l) [ $n -gt 0 ] && rc=1 || rc=0 fi --- 900.tcpwrap-old 2019-10-19 19:05:16.224470000 +0000 +++ 900.tcpwrap 2020-06-18 18:24:07.948855000 +0000 @@ -46,7 +46,7 @@ yesterday=`date -v-1d "+%b %e "` catmsgs() { - find ${LOG} -name 'messages.*' -mtime -2 | + find ${LOG} -name 'auth.log.*' -mtime -2 | sort -t. -r -n -k 2,2 | while read f do @@ -55,7 +55,7 @@ *.bz2) bzcat -f $f;; esac done - [ -f ${LOG}/messages ] && cat $LOG/messages + [ -f ${LOG}/auth.log ] && cat $LOG/auth.log } rc=0 -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-247389-227>