lp:ubuntu/lucid/logcheck

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Bug #463471: karmic regression: logcheck prints CRON CMD lines

Wishlist

Confirmed

Link a bug report

Related blueprints

10. By Hannes von Haugwitz on 2010-02-19

[ Hannes von Haugwitz ]
* Added src/logcheck-test and docs/logcheck-test.1
* ignore.d.server/wu-ftpd:
  - adjusted rule to match optional pid (closes: #570207)
* src/logcheck:
  - use 7bit encoding for sending mail
* ignore.d.workstation/kernel:
  - added rules for inserted and removed SD cards
* ignore.d.server/mountd: new
  - added rule for authenticated mount/unmount requests,
    thanks to Paweł Hajdan, Jr. (closes: #567842)
* docs/logcheck.sgml: clarify that "server" rules are
  included in "workstation" level
* ignore.d.server/klogind: new
  - added rule for "connect from" message
* ignore.d.server/login:
  - added rule for root logins on pseudo terminals
* ignore.d.server/bind:
  - added rules for "received notify for zone" and
    "zone is up to date" message
* Makefile:
  - added an empty "all" make target, thanks to
    Paweł Hajdan, Jr. (closes: #567150)
  - renamed BINDIR to SBINDIR
  - added logtail2 script to "clean" make target
* ignore.d.server/ssh:
  - added rule for "disconnected by user" message (closes: #567317)
* ignore.d.workstation/ifplugd:
  - added rule for "client: OK" message
* debian/control:
  - bumped to Standards-Version 3.8.4 (no changes necessary)
  - added ${misc:Depends} to logtail Depends

[ Hanspeter Kunz ]
* ignore.d.server/dovecot:
  - added an optional prefix "dovecot: " to the deliver rule
  - added rule to ignore various sieve messages (stored mail, forwards,
    vacation replies and discards)

[ Frédéric Brière ]
* ignore.d.server/kernel:
  - added IPv6 support to "Treason uncloaked!" rule (closes: #546004)
  - added "Peer unexpectedly shrunk window" alternate rule
  - allow '-' in usbcore interface driver names (e.g. snd-usb-audio)
* ignore.d.workstation/kernel:
  - added UDF-fs "readonly partition" and "Mounting volume" rules
  - usbhid no longer prints the source filename in its messages
  - allow ':' and arbitrary paths for input devices
  - adjusted "USB HID" rule to match generic devices
  - adjusted "USB HID" rule for newer kernels
  - adjusted agpgart rules for newer kernels

9. By Loïc Minier on 2010-01-31

* Merge with Debian unstable to minimize delta and get some recent fixes;
  remaining changes:
  - rulefiles/linux/ignore.d.server/ssh: Add "disconnected by user" re in
    the "Received disconnect from" series; this now occurs frequently with
    lucid ssh clients.

8. By Loïc Minier on 2010-01-28

rulefiles/linux/ignore.d.server/ssh: Add "disconnected by user" re in the
"Received disconnect from" series; this now occurs frequently with lucid
ssh clients.

7. By Loïc Minier on 2010-01-21

* rulefiles/linux/ignore.d.paranoid/cron: make /usr/sbin/ optional in
  pathnames to cron; apparently a difference between syslog and rsyslog;
  LP: #463471.
* rulefiles/linux/ignore.d.paranoid/sysklogd: more specific matching of
  upstream version and optional Debian/Ubuntu revision (DEBRELEASE), also
  allow all allowed chars in revision fixes matching of Ubuntu versions;
  LP: #116773.

6. By madduck on 2009-12-30

[ Hannes von Haugwitz ]
* Added rule for fcron
* ignore.d.server/nagios
  - ignore harmless "CURRENT (HOST|SERVICE) STATE" messages
* ignore.d.workstation/kernel
  - ignore "set mode" message from DRM
  - added some rules for WLAN authentication and association
  - ignore "thinkpad_acpi: EC reports that Thermal Table has changed" message
* Added nslcd rule for ldap server connection
* ignore.d.server/cron-apt
  - ignore disk space freed message, thanks to Tim Small (closes: #557087)
  - tiny regex code change
* Deleting obsolete conffiles in logcheck-database.preinst
  - ignore.d.server/oidentd, also in oidentd (closes: #544686, #560428)
* ignore.d.server/dhclient
  - adjusted rule to match new web address
* ignore.d.workstation/xdm
  - ignore successful kerberos authentication
* Added xscreensaver rule for successful kerberos authentication

5. By Rhonda D'Vine on 2009-12-07

[ Hannes von Haugwitz ]
* ignore.d.workstation/ifplugd
  - ignore link beat detection
* ignore.d.server/smartd
  - added rule to match completed self-test
  - added rules to match more self-test messages
* Added some rules for wpasupplicant (closes: #544084)
* ignore.d.server/su, violations.ignore.d/logcheck-su
  - adjusted su rules to also match /dev/ prefix (closes: #551340)
* Added rule for apcupsd (closes: #535976)

[ Frédéric Brière ]
* Adjusted various kernel SCSI rules for removable media
* Added USB kernel rules for USB_ANNOUNCE_NEW_DEVICES
* Merged USB "new device" and "reset device" rules
* Ignore "UDP: bad checksum" and "UDP: short packet" kernel messages
* Corrected xdm pam_session rules (closes: #508335)
* Updated acpid "client has disconnected" rule
* Updated libpam-mount "realpath of X is Y" rule
* Added libpam-mount "Command successful" rule
* Adjusted ssh "Authentication failure" rule for "invalid user"
* Updated cron-apt "Fetched" rule to match new time formats
  (closes: #531596)
* Updated cron-apt rules to match all possible sizes and lengths
* Replaced bashisms with POSIX equivalents (closes: #508546)
* Depend on rsyslog by default (closes: #526911)
* Dropped (now useless) ownership/permissions fixes on /var/lock/logcheck
* ignore.d.server/openvpn: (closes: #499323)
  - match pathless ifconfig/route
  - match '.' and '_' in interface names
  - added "authentication succeeded' rule
* ignore.d.server/dhcp:
  - interface names can have underscore in them (closes: #518422)
  - merged "Wrote X to leases file" rules, and added new ones
    (closes: #526116)
* ignore.d.server/scponly: (closes: #506333)
  - added missing process name before PID
  - added the exhaustive list of commands allowed by scponly
* Added rule for ext3 writeback data mode (closes: #542273)
* ignore.d.server/dovecot:
  - replaced the (incomplete) method list with a wildcard (closes: #530591)
  - added I/O stats at the end of "Logged out" (closes: #538696)
  - added "discarded duplicate forward" and optional spacing to deliver
    rule (closes: #510889)
* ignore.d.server/openvpn:
  - recognize some more options for PUSH_REPLY (closes: #511353)
* ignore.d.server/postfix: (closes: #529367)
  - allow optional port number after "setting up TLS connection"
  - recognize "Trusted TLS connection established"
* ignore.d.server/postfix:
  - allow <> as MAIL FROM in various messages
  - removing wildcard "reject: (RCPT|MAIL)" rule
* ignore.d.server/innd:
  - added "no_read"/"no_post" rule (closes: #533487)
* ignore.d.server/bind:
  - added various connection failure resolver messages (closes: #536071)
* ignore.d.workstation/kernel:
  - adjusted sd "hardware sectors" rule for 2.6.28 (closes: #542390)
  - further adjusted that rule for 2.6.31-rc1
* logtail/logtail2 no longer ignore -o when called with only one argument
  (closes: #453309)
* Deleting obsolete conffiles in logcheck-database.preinst
  - ignore.d.server/lpr, replaced by lpr
  - ignore.d.server/ntp, replaced by ntp
  - ignore.d.server/sendmail, also in sendmail-base (closes: #542265)
  - deleting all the conffiles dropped over the years (closes: #453519)
* Quote most variables and commands in logcheck
* Allow filenames with spaces in logcheck.logfiles (closes: #319169)
* ignore.d.server/smartd:
  - Replaced hardcoded controller list with generic pattern (closes: #555828)

[ Gerfried Fuchs ]
* Upload to unstable.
* Bump to Standards-Version 3.8.3.

4. By Rhonda D'Vine on 2009-02-11

[ Gerfried Fuchs ]
* Merge ssh rule change from violations.ignore.d/logcheck-ssh to
  ignore.d.server/ssh (closes: #500017)
* Rule changes pulled from 1.3 branch:
  - ignore.d.server/upsd:
    + ignore client connection messages (closes: #495923).
  - violations.d/su:
    + match both, user-root and user:root styles (closes: #491694).
* ignore.d.server/nagios, violations.ignore.d/logcheck-nagios: also support
  nagios3 as string in the log lines (closes: #514335).

3. By madduck on 2007-01-30

* ignore.d.server/dovecot: also ignore local logins, which are "secured",
  not "TLS". Thanks to Marco Nenciarini for the patch (closes: #407642).

* ignore.d.workstation/kernel: ignore all kinds of input devices, not just
  Logitech mice; thanks to Dave Vehrs for the patch (closes: #407087).
* ignore.d.server/kernel: patch by Elmar Hoffmann to filter messages by
  3ware driver (closes: #408764).

* ignore.d.server/postfix: make anvil filter rules ipv6 compliant.
* violations.ignore.d/logcheck-postfix: ignore deferred messages after
  rewriting the address (orig_to in use).
* violations.ignore.d/logcheck-postfix: ignore plain informational messages
  even if they contain some of the violations.d/logcheck words.
* ignore.d.server/postfix: ignore messages about successful deliveries to
  IMail servers (and possibly others; closes: #407777).
* ignore.d.server/postfix: patch by Armin Berres to filter information
  messages from postfix+mysql (closes: #408444).
* ignore.d.server/postfix: patch by Armin Berres to filter policyd-weight
  messages (closes: #408700).
* ignore.d.server/postfix: ignore messages about numeric MX results by smtpd
  as well.
* violations.ignore.d/logcheck-postfix: ignore lmtp message when content
  filter muted DSN.
* ignore.d.server/postfix: ignore message due to timeout receiving the
  initial server greeting.

* ignore.d.server/openvpn: ignore messages related to client-side routes and
  client-config-dir.
* ignore.d.server/openvpn, violations.ignore.d/logcheck-openvpn: fix up
  a bunch of the rules for various stages of the connections.

* ignore.d.server/ssh: ignore messages about invalid users even with <!>'"
  characters in the usernames.
* ignore.d.server/ssh: ignore messages related to Allow/DenyUsers
  (closes: #407009).
* violations.ignore.d/logcheck-ssh: ignore more PAM authentication failure
  messages.

* ignore.d.server/courier, violations.ignore.d/loghceck-courier: ignore
  SSL/TLS connection errors for all components.

* ignore.d.workstation/logcheck, ignore.d.server/cracklib: moved cracklib
  rules to server level (closes: #408557).

* ignore.d.server/epmd: ignore information output from erlang-base daemon
  epmd; thanks Armin Berres for the patch (closes: #408559).

* ignore.d.server/spamd: improve rules for corner cases, thanks to Armin
  Berres for his help.

* violations.d/smartd: no longer elevate temperature messages as smartd does
  that already (closes: #407734).
* ignore.d.server/smartd: ignore raw values in attribute change messages;
  thanks to Elmar Hoffmann (closes: #408890).
* ignore.d.server/smartd: honour exclamation mark for max value in attribute
  change value; thanks to Elmar Hoffmann (closes: #408901).

* ignore.d.server/squid: ignore vary store marker object mismatches.

* Added Galician debconf translation by Jacobo Tarrio (closes: #408123).

* Updated Czech debconf translation; thanks Miroslav Kure (closes: #407830).

2. By Todd Troxell on 2005-04-19

todd:
Fix logcheck upgrade script to set owner on lock directory properly
Thanks Marco Valli, Maks

1. By Todd Troxell on 2004-06-10

maks:
Fix broken cleancheck call. (Closes: #252966, #253075, #253260, #253486)