lp:ubuntu/natty/logcheck
- Get this branch:
- bzr branch lp:ubuntu/natty/logcheck
Branch information
- Owner:
- Ubuntu branches
- Status:
- Mature
Recent revisions
- 17. By Hannes von Haugwitz
-
* ignore.
d.server/ pure-ftpd:
- fixed user name pattern in logout message, thanks to Simon Breuss
(LP: #619119)
* violations.ignore. d/logcheck- sudo:
- match COMMAND=list and TTY=console, thanks to Michel Messerschmidt for
the patch (closes: #593482)
* ignore.d.server/ amavisd- new:
- applied changes by Christian Dröge (closes: #594605):
- IPv6 support for IP addresses
- allow PASSED SPAM in log
- optional minus sign after "Hits:"
- optional quarantine in log line
- optional Message-ID - 16. By Hannes von Haugwitz
-
[ Hanspeter Kunz ]
* ignore.d.server/ dhcp:
- generalized rule for "sending options to hosts"
- ignore reading global configuration from an LDAP directory
- allow dots in the DN (parsing of the DHCP configuration from LDAP dir)
- ignore reading subnet configuration from an LDAP directory
- ignore reading pool configuration from an LDAP directory[ Hannes von Haugwitz ]
* ignore.d.workstation/ kernel:
- ignore 'cfg80211: Calling CRDA to update world regulatory domain' message
- added rule to ignore 'No probe response from AP' message
* ignore.d.workstation/ wpasupplicant:
- added some rules to ignore WLAN disconnections
* ignore.d.server/ amavisd- new:
- match local mails in 'Passed CLEAN' message, thanks to Patrice Le Gurun
(closes: #563348)[ Gerfried Fuchs ]
* Re-integrating ignore.d.server/ amavisd- new after a long time
(closes: #583155)
* Add Replaces: amavisd-new (<= 2:2.6.4-1) to logcheck-database for that.
* Remove this file from the debian/logcheck- database. preinst OLD_CONFFILES
list. - 15. By Hannes von Haugwitz
-
[ Hannes von Haugwitz ]
* ignore.d.server/ smartd:
- ignore "scheduled Offline Immediate Test" (closes: #585802)
* ignore.d.workstation/ slim: new
- ignore session opened/closed messages
* debian/control:
- bumped to Standards-Version 3.9.1 (no changes necessary)
- depend on default-mta instead of exim4
* ignore.d.workstation/ wpasupplicant:
- match 5660 MHz in 'Trying to associate' message
* ignore.d.server/ libpam- krb5: new
- ignore successful kerberos authentication, thanks to
Russ Allbery (closes: #588285)
* violations.ignore. d/logcheck- sudo:
- ignore successful kerberos authentication, thanks to
Michel Messerschmidt (see: #588285)
* logcheck-database. preinst:
- deleting ignore.d.workstation/ xscreensaver, rule is covered
by i.d.s/libpam-krb5
- deleting ignore.d.server/ cracklib, rules maintained in cracklib-runtime
* ignore.d.workstation/ login:
- removed successful krb auth rule, rule is covered by i.d.s/libpam-krb5
* violations.ignore. d/logcheck- su:
- ignore successful kerberos authentication
* ignore.d.server/ smartd
- ignore 'state read' and 'state written' messages
* debian/copyright:
- updated copyright year to 2010
- added Marc, Hanspeter and myself as team members
* ignore.d.server/ dhclient:
- allow '-' in version string[ martin f. krafft ]
* ignore.d.server/ postfix:
- patch from Mathias Krause to address changes in policy-weightd log
message format.
* ignore.d.server/ ssh:
- messages about invalid users can contain zero-length usernames.
* ignore.d.server/ postfix:
- ignore delay notification log entries (closes: #589981).[ Hanspeter Kunz ]
* ignore.d.server/ dhcp:
- ignore messages about LDAP lookups of host entries
- ignore messages on sending options to hosts (as a result of LDAP lookups)
- ignore more balancing/balanced pool messages
- Found dhcpHWAddress: LDAP entries may contain underscores and dashes
- removed rule to "ignore messages about leased addresses which respond to
to ping requests" because this is probably caused by a misconfiguration
- ignore messages on xid-mismatches
- ignore messages on establishing a (TLS) connection to the LDAP server
- ignore successful logins to the LDAP server
- ignore successful parsing of the DHCP configuration from an LDAP directory
* ignore.d.server/ postfix:
- ignore another TLS library problem
(SSL23_GET_CLIENT_ HELLO:http request: s23_srvr. c:379)
* ignore.d.server/ dovecot:
- sieve: allow empty recipient address
- sieve: make "added by" optional - 14. By Hannes von Haugwitz
-
* logcheck-
database. preinst
- deleting ignore.d.server/ ntop, also in ntop (closes: #584824, #584849) - 13. By Hannes von Haugwitz
-
[ Hannes von Haugwitz ]
* ignore.d.workstation/ kernel:
- adjusted rule to ignore more "usb-storage" messages
- made 'AP ' optional in "wlan" message
* src/logcheck-test:
- fixed spelling error
* debian/control:
- added DM-Upload-Allowed field
* ignore.d.workstation/ wpasupplicant:
- match more frequencies in 'Trying to associate' message
* ignore.d.server/ bind:
- added rules to match bind's new syslog line format
- adjusted rule to also match 'network unreachable' error, thanks to
Bob Proulx (closes: #582060)
* ignore.d.workstation/ laptop- mode-tools: new
- added rule for some laptop-mode info messages[ Hanspeter Kunz ]
* ignore.d.server/ dovecot:
- sieve: msgids might be followed by "(added by ...)"[ martin f. krafft ]
* ignore.d.server/ postfix:
- fix rule to match greylisting notices.
* ignore.d.server/ ntop:
- ignore warnings about truncated packets.
* ignore.d.server/ schroot:
- ignore new-style PAM session notices.
* ignore.d.server/ pdns:
- update rules to match informational messages about incoming AXFR
transfers, as well as sqlite3 connections.
* ignore.d.server/ asterisk:
- ignore unknown attribute warnings/messages by rc_avpair_new.
* ignore.d.server/ git-daemon:
- ignore warnings on access to nonexistent git repository.
* ignore.d.server/ kernel:
- ignore message about kernel logging (proc) being stopped. - 12. By Hannes von Haugwitz
-
[ Hannes von Haugwitz ]
* src/logcheck-test:
- removed useless trap signal 16
* ignore.d.workstation/ wpasupplicant:
- allow '_' in id_str of CTRL-EVENT-CONNECTED message
- added rules for wpa_action messages
* ignore.d.workstation/ kernel:
- "Mode Sense" is hexadecimal, not just decimal
- ignore "usb-storage" message
* ignore.d.server/ kernel:
- ignore "using internal journal" message
- adjusted rule to match EXT3-fs and writeback data mode
* ignore.d.server/ bind:
- added rule to ignore "success resolving" messages
* ignore.d.server/ nfs:
- allow '_', '-' and '.' in mount path, thanks to
G. T. Laycock (closes: #575378)
* ignore.d.server/ nagios:
- allow '>=' in "SERVICE FLAPPING ALERT" message
- added rule to ignore "HOST FLAPPING ALERT" message
* src/logcheck:
- look for {header,footer}.txt in $RULEDIR, thanks to Kerstin Puschke
- cd to $STATEDIR before cleaning up temp dir, thanks to Kerstin Puschke
- fixed stream redirection of hostname command,
thanks to Bob Proulx (see #574858)
* ignore.d.server/ dnsmasq:
- adjusted rule to also match '-dhcp' suffix in dhcp subsystem messages,
thanks to Michał Sawicz
* Switch to dpkg-source 3.0 (native) format[ Gerfried Fuchs ]
* debian/logcheck. NEWS, debian/ logtail. NEWS:
- removed asterisk from entries
* docs/logcheck-test.1, docs/logtail.8, docs/logtail2.8:
- escaped dashes that really mean dashes[ Hanspeter Kunz ]
* ignore.d.server/ dovecot:
- ignore more failed and aborted logins
- msgid's may contain colons
- ignore discarded vacation responses (bulk, auto-submited, duplicates)
- ignore duplicate forwards
- ignore more "Connection closed" messages
- ignore "Too many invalid IMAP commands"
- ignore more "Connection closed" messages (MANAGESIEVE)
- ignore aborted authentications
* ignore.d.server/ postfix:
- ignore disconnects during EHLO (and not only HELO) handshakes
- merged 5 similar "lost connection" rules into one
* ignore.d.server/ kernel: ignore imklog startup messages - 11. By Loïc Minier
-
ignore.
d.server/ dnsmasq: allow -dhcp suffix in DHCP messages; taken from
Debian 1.3.8; LP: #508142. - 10. By Hannes von Haugwitz
-
[ Hannes von Haugwitz ]
* Added src/logcheck-test and docs/logcheck-test.1
* ignore.d.server/ wu-ftpd:
- adjusted rule to match optional pid (closes: #570207)
* src/logcheck:
- use 7bit encoding for sending mail
* ignore.d.workstation/ kernel:
- added rules for inserted and removed SD cards
* ignore.d.server/ mountd: new
- added rule for authenticated mount/unmount requests,
thanks to Paweł Hajdan, Jr. (closes: #567842)
* docs/logcheck.sgml: clarify that "server" rules are
included in "workstation" level
* ignore.d.server/ klogind: new
- added rule for "connect from" message
* ignore.d.server/ login:
- added rule for root logins on pseudo terminals
* ignore.d.server/ bind:
- added rules for "received notify for zone" and
"zone is up to date" message
* Makefile:
- added an empty "all" make target, thanks to
Paweł Hajdan, Jr. (closes: #567150)
- renamed BINDIR to SBINDIR
- added logtail2 script to "clean" make target
* ignore.d.server/ ssh:
- added rule for "disconnected by user" message (closes: #567317)
* ignore.d.workstation/ ifplugd:
- added rule for "client: OK" message
* debian/control:
- bumped to Standards-Version 3.8.4 (no changes necessary)
- added ${misc:Depends} to logtail Depends[ Hanspeter Kunz ]
* ignore.d.server/ dovecot:
- added an optional prefix "dovecot: " to the deliver rule
- added rule to ignore various sieve messages (stored mail, forwards,
vacation replies and discards)[ Frédéric Brière ]
* ignore.d.server/ kernel:
- added IPv6 support to "Treason uncloaked!" rule (closes: #546004)
- added "Peer unexpectedly shrunk window" alternate rule
- allow '-' in usbcore interface driver names (e.g. snd-usb-audio)
* ignore.d.workstation/ kernel:
- added UDF-fs "readonly partition" and "Mounting volume" rules
- usbhid no longer prints the source filename in its messages
- allow ':' and arbitrary paths for input devices
- adjusted "USB HID" rule to match generic devices
- adjusted "USB HID" rule for newer kernels
- adjusted agpgart rules for newer kernels - 9. By Loïc Minier
-
* Merge with Debian unstable to minimize delta and get some recent fixes;
remaining changes:
- rulefiles/linux/ignore. d.server/ ssh: Add "disconnected by user" re in
the "Received disconnect from" series; this now occurs frequently with
lucid ssh clients. - 8. By Loïc Minier
-
rulefiles/
linux/ignore. d.server/ ssh: Add "disconnected by user" re in the
"Received disconnect from" series; this now occurs frequently with lucid
ssh clients.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/oneiric/logcheck