]>
Commit | Line | Data |
---|---|---|
fefc5001 | 1 | Summary: Mails anomalies in the system logfiles to the administrator |
e8799f82 | 2 | Summary(pl.UTF-8): Wysyłanie anomalii w logach systemowych pocztą do administratora |
fa65e2f8 | 3 | Name: logcheck |
76fb9160 | 4 | Version: 1.3.1 |
c06d3429 | 5 | Release: 1 |
385d7c2d | 6 | License: GPL |
675e6d48 | 7 | Group: Applications/System |
fefc5001 | 8 | Source0: http://ftp.debian.org/debian/pool/main/l/logcheck/%{name}_%{version}.tar.gz |
76fb9160 | 9 | # Source0-md5: 1b000602ef86eebc30a60340484d79d7 |
675e6d48 | 10 | Patch0: %{name}-pld.patch |
111741a8 | 11 | Patch1: %{name}-command_correct.patch |
fefc5001 ER |
12 | Source1: %{name}.cron |
13 | URL: http://logcheck.alioth.debian.org/ | |
14 | BuildRequires: rpmbuild(macros) >= 1.202 | |
15 | Requires(postun): /usr/sbin/groupdel | |
16 | Requires(postun): /usr/sbin/userdel | |
17 | Requires(pre): /bin/id | |
18 | Requires(pre): /usr/bin/getgid | |
19 | Requires(pre): /usr/sbin/groupadd | |
20 | Requires(pre): /usr/sbin/useradd | |
21 | Requires: %{name}-database = %{version}-%{release} | |
59a50259 | 22 | Requires: /bin/mail |
0cf7a015 | 23 | Requires: crondaemon |
7aedf30f | 24 | Requires: lockfile-progs |
fefc5001 | 25 | Requires: logtail = %{version}-%{release} |
59a50259 ER |
26 | Requires: mktemp |
27 | #Suggests: /usr/bin/syslog-summary | |
fefc5001 | 28 | BuildArch: noarch |
ce9db551 | 29 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
bd12b010 | 30 | |
675e6d48 | 31 | %define _sysconfdir /etc/logcheck |
32 | ||
eee721d8 | 33 | %description |
fefc5001 ER |
34 | Logcheck is a simple utility which is designed to allow a system |
35 | administrator to view the logfiles which are produced upon hosts under | |
36 | their control. | |
37 | ||
38 | It does this by mailing summaries of the logfiles to them, after first | |
39 | filtering out "normal" entries. | |
40 | ||
41 | Normal entries are entries which match one of the many included | |
42 | regular expression files contain in the database. | |
43 | ||
44 | Logcheck was part of the Abacus Project of security tools, but this | |
45 | version has been rewritten. | |
46 | ||
4d4483ab JR |
47 | %description -l pl.UTF-8 |
48 | logcheck to proste narzędzie zaprojektowane aby umożliwić | |
49 | administratorowi systemu oglądanie plików logów tworzonych przez | |
50 | maszyny, które ma pod kontrolą. | |
6aed2bcc | 51 | |
4d4483ab JR |
52 | Wykonuje to poprzez wysyłanie pocztą elektroniczną do administratora |
53 | podsumowań plików logów po odfiltrowaniu "zwykłych" wpisów. | |
6aed2bcc | 54 | |
4d4483ab JR |
55 | Zwykłe wpisy to wpisy pasujące do jednego z wielu załączonych plików |
56 | wyrażeń regularnych zawartych w bazie danych. | |
6aed2bcc | 57 | |
4d4483ab JR |
58 | logcheck był częścią projektu Abacus z narzędziami związanymi z |
59 | bezpieczeństwem, ale ta wersja została przepisana. | |
6aed2bcc | 60 | |
fefc5001 | 61 | %package database |
6aed2bcc | 62 | Summary: Database of system log rules for the use of log checkers |
e8799f82 | 63 | Summary(pl.UTF-8): Baza danych reguł loga systemowego do używania z narzędziami sprawdzającymi logi |
fefc5001 ER |
64 | Group: Applications/System |
65 | ||
66 | %description database | |
67 | This database is part of the Logcheck package, but might be used by | |
68 | others. It brings a database of regular expressions for matching | |
69 | system log entries after various criteria. | |
385d7c2d | 70 | |
4d4483ab JR |
71 | %description database -l pl.UTF-8 |
72 | Ta baza danych jest częścią pakietu logcheck, ale może być używana | |
73 | przez inne programy. Zawiera wyrażenia regularne do dopasowywania | |
74 | wpisów logów systemowych z użyciem różnych kryteriów. | |
6aed2bcc | 75 | |
bd12b010 | 76 | %package -n logtail |
fefc5001 | 77 | Summary: Print log file lines that have not been read |
e8799f82 | 78 | Summary(pl.UTF-8): Wypisywanie nieprzeczytanych linii pliku loga |
bd12b010 | 79 | Group: Applications/System |
c06d3429 | 80 | Obsoletes: retail |
bd12b010 ER |
81 | |
82 | %description -n logtail | |
fefc5001 ER |
83 | This program will read in a standard text file and create an offset |
84 | marker when it reads the end. The offset marker is read the next time | |
85 | logtail is run and the text file pointer is moved to the offset | |
86 | location. This allows logtail to read in the next lines of data | |
87 | following the marker. This is good for marking log files for automatic | |
88 | log file checkers to monitor system events. | |
89 | ||
90 | This program is mainly used by logcheck, because it returns only parts | |
91 | of the system logfiles that have not already been checked. | |
bd12b010 | 92 | |
4d4483ab JR |
93 | %description -n logtail -l pl.UTF-8 |
94 | Ten program czyta standardowy plik tekstowy, a po doczytaniu do końca | |
95 | tworzy znacznik offsetu. Przy następnym uruchomieniu logtaila | |
96 | odczytywany jest znacznik offsetu i wskaźnik tekstu jest przesuwany do | |
97 | tego offsetu. Pozwala to logtailowi czytać kolejne linie danych za | |
98 | znacznikiem. Jest to dobre narzędzie do oznaczania plików logów dla | |
99 | narzędzi do automatycznego sprawdzania plików logów i monitorowania | |
100 | zdarzeń systemowych. | |
101 | ||
102 | Ten program jest używany głównie przez logcheck, ponieważ zwraca tylko | |
103 | te części plików logów systemowych, które nie zostały jeszcze | |
6aed2bcc JB |
104 | przeczytane. |
105 | ||
eee721d8 | 106 | %prep |
76fb9160 | 107 | %setup -q -n %{name} |
7aedf30f | 108 | %patch0 -p1 |
111741a8 | 109 | %patch1 -p1 |
eee721d8 AF |
110 | |
111 | %install | |
112 | rm -rf $RPM_BUILD_ROOT | |
fefc5001 | 113 | install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/cron.d,%{_sbindir},%{_bindir}} |
eee721d8 | 114 | |
fefc5001 ER |
115 | %{__make} install \ |
116 | DESTDIR=$RPM_BUILD_ROOT | |
eee721d8 | 117 | |
fefc5001 | 118 | install %{SOURCE1} $RPM_BUILD_ROOT/etc/cron.d/%{name} |
eee721d8 | 119 | |
97717c41 | 120 | mv $RPM_BUILD_ROOT{%{_sbindir},%{_bindir}}/logtail |
b39384e3 | 121 | mv $RPM_BUILD_ROOT{%{_sbindir},%{_bindir}}/logtail2 |
7aedf30f ER |
122 | |
123 | cat <<'EOF'> $RPM_BUILD_ROOT%{_sysconfdir}/header.txt | |
124 | This email is sent by logcheck. If you wish to no-longer receive it, | |
125 | you can either deinstall the logcheck package or modify its | |
59a50259 | 126 | configuration file (%{_sysconfdir}/logcheck.conf). |
7aedf30f | 127 | EOF |
97717c41 | 128 | |
eee721d8 AF |
129 | %clean |
130 | rm -rf $RPM_BUILD_ROOT | |
131 | ||
fefc5001 ER |
132 | %pre |
133 | %groupadd -g 173 %{name} | |
7aedf30f | 134 | %useradd -u 173 -d /var/lib/%{name} -g logcheck -c "Logcheck User" %{name} |
fefc5001 ER |
135 | |
136 | %postun | |
137 | if [ "$1" = "0" ]; then | |
138 | %userremove %{name} | |
139 | %groupremove %{name} | |
140 | fi | |
141 | ||
eee721d8 AF |
142 | %files |
143 | %defattr(644,root,root,755) | |
fefc5001 ER |
144 | %doc AUTHORS CHANGES CREDITS TODO |
145 | %doc docs/README.{how.to.interpret,keywords,logcheck,Maintainer} docs/tools/log-summary-ssh | |
146 | %attr(710,root,logcheck) %dir %{_sysconfdir} | |
147 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/cracking.d | |
148 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/cracking.ignore.d | |
149 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/violations.d | |
150 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/violations.ignore.d | |
151 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/ignore.d.workstation | |
152 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/ignore.d.server | |
153 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/ignore.d.paranoid | |
154 | %attr(640,root,logcheck) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/logcheck.conf | |
155 | %attr(640,root,logcheck) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/logcheck.logfiles | |
156 | %attr(640,root,logcheck) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/header.txt | |
157 | %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name} | |
675e6d48 | 158 | %attr(755,root,root) %{_sbindir}/logcheck |
7aedf30f ER |
159 | %dir %attr(770,root,logcheck) /var/lib/logcheck |
160 | %dir %attr(770,root,logcheck) /var/lock/logcheck | |
fefc5001 ER |
161 | |
162 | %files database | |
163 | %defattr(644,root,root,755) | |
164 | %config %verify(not md5 mtime size) %{_sysconfdir}/cracking.d/* | |
165 | %config %verify(not md5 mtime size) %{_sysconfdir}/violations.d/* | |
166 | %config %verify(not md5 mtime size) %{_sysconfdir}/violations.ignore.d/* | |
167 | %config %verify(not md5 mtime size) %{_sysconfdir}/ignore.d.workstation/* | |
168 | %config %verify(not md5 mtime size) %{_sysconfdir}/ignore.d.server/* | |
169 | %config %verify(not md5 mtime size) %{_sysconfdir}/ignore.d.paranoid/* | |
bd12b010 ER |
170 | |
171 | %files -n logtail | |
172 | %defattr(644,root,root,755) | |
b39384e3 | 173 | %attr(755,root,root) %{_bindir}/logtail* |
698fd21b | 174 | %{_datadir}/logtail |