From owner-freebsd-bugs@FreeBSD.ORG  Sat Aug 12 01:00:34 2006
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id CBC7516A4DA
	for <freebsd-bugs@hub.freebsd.org>;
	Sat, 12 Aug 2006 01:00:34 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 946DD43D45
	for <freebsd-bugs@hub.freebsd.org>;
	Sat, 12 Aug 2006 01:00:34 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k7C10YV9044667
	for <freebsd-bugs@freefall.freebsd.org>; Sat, 12 Aug 2006 01:00:34 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k7C10Yq6044666;
	Sat, 12 Aug 2006 01:00:34 GMT (envelope-from gnats)
Date: Sat, 12 Aug 2006 01:00:34 GMT
Message-Id: <200608120100.k7C10Yq6044666@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: "Skye Poier" <spoier@gmail.com>
Cc: 
Subject: Re: conf/91732: [patch] 800.loginfail: fix log message grep
	expression
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Skye Poier <spoier@gmail.com>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Aug 2006 01:00:34 -0000

The following reply was made to PR conf/91732; it has been noted by GNATS.

From: "Skye Poier" <spoier@gmail.com>
To: bug-followup@FreeBSD.org, doconnor@gsoft.com.au
Cc:  
Subject: Re: conf/91732: [patch] 800.loginfail: fix log message grep expression
Date: Fri, 11 Aug 2006 17:58:21 -0700

 I noticed the same problem; although I was primarily worried about not
 seeing ssh login failures in the security report.  I discovered it was
 because "fail" no longer appears in the auth.log line on my FreeBSD
 6.1 installation:
 
 Aug 11 08:39:20 hostname sshd[48839]: error: PAM: authentication error
 for someuser from somewhere.pacbell.net
 
 I simply modified the grep in 800.loginfail to read:
 
         n=$(catmsgs | grep -ia "^$yesterday.*\(fail\|authentication error\)" |
             tee /dev/stderr | wc -l)