diff options
Diffstat (limited to 'security/logcheck/patches/patch-ab')
| -rw-r--r-- | security/logcheck/patches/patch-ab | 45 |
1 files changed, 40 insertions, 5 deletions
diff --git a/security/logcheck/patches/patch-ab b/security/logcheck/patches/patch-ab index c0048540a05..5e0b806bf5a 100644 --- a/security/logcheck/patches/patch-ab +++ b/security/logcheck/patches/patch-ab @@ -1,8 +1,8 @@ -$NetBSD: patch-ab,v 1.2 2001/07/17 15:50:32 nra Exp $ +$NetBSD: patch-ab,v 1.3 2003/05/01 20:43:42 jmmv Exp $ ---- systems/freebsd/logcheck.sh.orig Tue Jul 17 10:35:58 2001 -+++ systems/freebsd/logcheck.sh Tue Jul 17 10:35:35 2001 -@@ -52,7 +52,7 @@ +--- systems/freebsd/logcheck.sh.orig 1999-10-31 16:07:29.000000000 +0100 ++++ systems/freebsd/logcheck.sh +@@ -52,7 +52,7 @@ LOGTAIL=/usr/local/bin/logtail # You would also be well advised to make sure all your system/cron scripts # use this directory for their "scratch" area. @@ -11,7 +11,42 @@ $NetBSD: patch-ab,v 1.2 2001/07/17 15:50:32 nra Exp $ # The 'grep' command. This command MUST support the # '-i' '-v' and '-f' flags!! The GNU grep does this by default (that's -@@ -170,9 +170,10 @@ +@@ -89,7 +89,7 @@ MAIL=mail + # look for generic ISS probes (who the hell else looks for + # "WIZ" besides ISS?), and obvious sendmail attacks/probes. + +-HACKING_FILE=/usr/local/etc/logcheck.hacking ++HACKING_FILE=@PKG_SYSCONFDIR@/logcheck.hacking + + # File of security violation patterns to specifically look for. + # This file should contain keywords of information administrators should +@@ -98,7 +98,7 @@ HACKING_FILE=/usr/local/etc/logcheck.hac + # some items, but these will be caught by the next check. Move suspicious + # items into this file to have them reported regularly. + +-VIOLATIONS_FILE=/usr/local/etc/logcheck.violations ++VIOLATIONS_FILE=@PKG_SYSCONFDIR@/logcheck.violations + + # File that contains more complete sentences that have keywords from + # the violations file. These keywords are normal and are not cause for +@@ -115,14 +115,14 @@ VIOLATIONS_FILE=/usr/local/etc/logcheck. + # + # Again, be careful what you put in here and DO NOT LEAVE IT EMPTY! + +-VIOLATIONS_IGNORE_FILE=/usr/local/etc/logcheck.violations.ignore ++VIOLATIONS_IGNORE_FILE=@PKG_SYSCONFDIR@/logcheck.violations.ignore + + # This is the name of a file that contains patterns that we should + # ignore if found in a log file. If you have repeated false alarms + # or want specific errors ignored, you should put them in here. + # Once again, be as specific as possible, and go easy on the wildcards + +-IGNORE_FILE=/usr/local/etc/logcheck.ignore ++IGNORE_FILE=@PKG_SYSCONFDIR@/logcheck.ignore + + # The files are reported in the order of hacking, security + # violations, and unusual system events. Notice that this +@@ -170,9 +170,10 @@ fi #$LOGTAIL /var/log/secure >> $TMPDIR/check.$$ #$LOGTAIL /var/log/maillog >> $TMPDIR/check.$$ |