]>
Commit | Line | Data |
---|---|---|
fefc5001 | 1 | Summary: Mails anomalies in the system logfiles to the administrator |
e8799f82 | 2 | Summary(pl.UTF-8): Wysyłanie anomalii w logach systemowych pocztą do administratora |
fa65e2f8 | 3 | Name: logcheck |
e5b59dba | 4 | Version: 1.3.20 |
c06d3429 | 5 | Release: 1 |
385d7c2d | 6 | License: GPL |
675e6d48 | 7 | Group: Applications/System |
e5b59dba JR |
8 | Source0: http://ftp.debian.org/debian/pool/main/l/logcheck/%{name}_%{version}.tar.xz |
9 | # Source0-md5: 1c6e9a97f9cc485353c25147cb99fb25 | |
675e6d48 | 10 | Patch0: %{name}-pld.patch |
111741a8 | 11 | Patch1: %{name}-command_correct.patch |
fefc5001 ER |
12 | Source1: %{name}.cron |
13 | URL: http://logcheck.alioth.debian.org/ | |
14 | BuildRequires: rpmbuild(macros) >= 1.202 | |
15 | Requires(postun): /usr/sbin/groupdel | |
16 | Requires(postun): /usr/sbin/userdel | |
17 | Requires(pre): /bin/id | |
18 | Requires(pre): /usr/bin/getgid | |
19 | Requires(pre): /usr/sbin/groupadd | |
20 | Requires(pre): /usr/sbin/useradd | |
21 | Requires: %{name}-database = %{version}-%{release} | |
59a50259 | 22 | Requires: /bin/mail |
0cf7a015 | 23 | Requires: crondaemon |
7aedf30f | 24 | Requires: lockfile-progs |
fefc5001 | 25 | Requires: logtail = %{version}-%{release} |
59a50259 ER |
26 | Requires: mktemp |
27 | #Suggests: /usr/bin/syslog-summary | |
fefc5001 | 28 | BuildArch: noarch |
ce9db551 | 29 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) |
bd12b010 | 30 | |
675e6d48 | 31 | %define _sysconfdir /etc/logcheck |
32 | ||
eee721d8 | 33 | %description |
fefc5001 ER |
34 | Logcheck is a simple utility which is designed to allow a system |
35 | administrator to view the logfiles which are produced upon hosts under | |
36 | their control. | |
37 | ||
38 | It does this by mailing summaries of the logfiles to them, after first | |
39 | filtering out "normal" entries. | |
40 | ||
41 | Normal entries are entries which match one of the many included | |
42 | regular expression files contain in the database. | |
43 | ||
44 | Logcheck was part of the Abacus Project of security tools, but this | |
45 | version has been rewritten. | |
46 | ||
4d4483ab JR |
47 | %description -l pl.UTF-8 |
48 | logcheck to proste narzędzie zaprojektowane aby umożliwić | |
49 | administratorowi systemu oglądanie plików logów tworzonych przez | |
50 | maszyny, które ma pod kontrolą. | |
6aed2bcc | 51 | |
4d4483ab JR |
52 | Wykonuje to poprzez wysyłanie pocztą elektroniczną do administratora |
53 | podsumowań plików logów po odfiltrowaniu "zwykłych" wpisów. | |
6aed2bcc | 54 | |
4d4483ab JR |
55 | Zwykłe wpisy to wpisy pasujące do jednego z wielu załączonych plików |
56 | wyrażeń regularnych zawartych w bazie danych. | |
6aed2bcc | 57 | |
ff4362d2 | 58 | logcheck był częścią projektu Abacus z narzędziami związanymi z |
4d4483ab | 59 | bezpieczeństwem, ale ta wersja została przepisana. |
6aed2bcc | 60 | |
fefc5001 | 61 | %package database |
6aed2bcc | 62 | Summary: Database of system log rules for the use of log checkers |
e8799f82 | 63 | Summary(pl.UTF-8): Baza danych reguł loga systemowego do używania z narzędziami sprawdzającymi logi |
fefc5001 ER |
64 | Group: Applications/System |
65 | ||
66 | %description database | |
67 | This database is part of the Logcheck package, but might be used by | |
68 | others. It brings a database of regular expressions for matching | |
69 | system log entries after various criteria. | |
385d7c2d | 70 | |
4d4483ab JR |
71 | %description database -l pl.UTF-8 |
72 | Ta baza danych jest częścią pakietu logcheck, ale może być używana | |
73 | przez inne programy. Zawiera wyrażenia regularne do dopasowywania | |
74 | wpisów logów systemowych z użyciem różnych kryteriów. | |
6aed2bcc | 75 | |
bd12b010 | 76 | %package -n logtail |
fefc5001 | 77 | Summary: Print log file lines that have not been read |
e8799f82 | 78 | Summary(pl.UTF-8): Wypisywanie nieprzeczytanych linii pliku loga |
bd12b010 | 79 | Group: Applications/System |
c06d3429 | 80 | Obsoletes: retail |
bd12b010 ER |
81 | |
82 | %description -n logtail | |
fefc5001 ER |
83 | This program will read in a standard text file and create an offset |
84 | marker when it reads the end. The offset marker is read the next time | |
85 | logtail is run and the text file pointer is moved to the offset | |
86 | location. This allows logtail to read in the next lines of data | |
87 | following the marker. This is good for marking log files for automatic | |
88 | log file checkers to monitor system events. | |
89 | ||
90 | This program is mainly used by logcheck, because it returns only parts | |
91 | of the system logfiles that have not already been checked. | |
bd12b010 | 92 | |
4d4483ab JR |
93 | %description -n logtail -l pl.UTF-8 |
94 | Ten program czyta standardowy plik tekstowy, a po doczytaniu do końca | |
95 | tworzy znacznik offsetu. Przy następnym uruchomieniu logtaila | |
96 | odczytywany jest znacznik offsetu i wskaźnik tekstu jest przesuwany do | |
97 | tego offsetu. Pozwala to logtailowi czytać kolejne linie danych za | |
98 | znacznikiem. Jest to dobre narzędzie do oznaczania plików logów dla | |
99 | narzędzi do automatycznego sprawdzania plików logów i monitorowania | |
100 | zdarzeń systemowych. | |
101 | ||
102 | Ten program jest używany głównie przez logcheck, ponieważ zwraca tylko | |
103 | te części plików logów systemowych, które nie zostały jeszcze | |
6aed2bcc JB |
104 | przeczytane. |
105 | ||
eee721d8 | 106 | %prep |
e5b59dba | 107 | %setup -q -n %{name} |
7aedf30f | 108 | %patch0 -p1 |
111741a8 | 109 | %patch1 -p1 |
eee721d8 | 110 | |
e5b59dba JR |
111 | %{__sed} -E -i -e '1s,#!\s*/usr/bin/env\s+bash(\s|$),#!/bin/bash\1,' \ |
112 | src/logcheck | |
113 | ||
eee721d8 AF |
114 | %install |
115 | rm -rf $RPM_BUILD_ROOT | |
fefc5001 | 116 | install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/cron.d,%{_sbindir},%{_bindir}} |
eee721d8 | 117 | |
fefc5001 ER |
118 | %{__make} install \ |
119 | DESTDIR=$RPM_BUILD_ROOT | |
eee721d8 | 120 | |
fefc5001 | 121 | install %{SOURCE1} $RPM_BUILD_ROOT/etc/cron.d/%{name} |
eee721d8 | 122 | |
97717c41 | 123 | mv $RPM_BUILD_ROOT{%{_sbindir},%{_bindir}}/logtail |
b39384e3 | 124 | mv $RPM_BUILD_ROOT{%{_sbindir},%{_bindir}}/logtail2 |
7aedf30f ER |
125 | |
126 | cat <<'EOF'> $RPM_BUILD_ROOT%{_sysconfdir}/header.txt | |
127 | This email is sent by logcheck. If you wish to no-longer receive it, | |
128 | you can either deinstall the logcheck package or modify its | |
59a50259 | 129 | configuration file (%{_sysconfdir}/logcheck.conf). |
7aedf30f | 130 | EOF |
97717c41 | 131 | |
eee721d8 AF |
132 | %clean |
133 | rm -rf $RPM_BUILD_ROOT | |
134 | ||
fefc5001 ER |
135 | %pre |
136 | %groupadd -g 173 %{name} | |
7aedf30f | 137 | %useradd -u 173 -d /var/lib/%{name} -g logcheck -c "Logcheck User" %{name} |
fefc5001 ER |
138 | |
139 | %postun | |
140 | if [ "$1" = "0" ]; then | |
141 | %userremove %{name} | |
142 | %groupremove %{name} | |
143 | fi | |
144 | ||
eee721d8 AF |
145 | %files |
146 | %defattr(644,root,root,755) | |
fefc5001 ER |
147 | %doc AUTHORS CHANGES CREDITS TODO |
148 | %doc docs/README.{how.to.interpret,keywords,logcheck,Maintainer} docs/tools/log-summary-ssh | |
149 | %attr(710,root,logcheck) %dir %{_sysconfdir} | |
150 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/cracking.d | |
151 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/cracking.ignore.d | |
152 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/violations.d | |
153 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/violations.ignore.d | |
154 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/ignore.d.workstation | |
155 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/ignore.d.server | |
156 | %dir %attr(2750,root,logcheck) %{_sysconfdir}/ignore.d.paranoid | |
157 | %attr(640,root,logcheck) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/logcheck.conf | |
158 | %attr(640,root,logcheck) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/logcheck.logfiles | |
159 | %attr(640,root,logcheck) %config(noreplace) %verify(not md5 mtime size) %{_sysconfdir}/header.txt | |
160 | %attr(600,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/cron.d/%{name} | |
675e6d48 | 161 | %attr(755,root,root) %{_sbindir}/logcheck |
877a487c | 162 | %attr(755,root,root) %{_bindir}/logcheck-test |
7aedf30f ER |
163 | %dir %attr(770,root,logcheck) /var/lib/logcheck |
164 | %dir %attr(770,root,logcheck) /var/lock/logcheck | |
fefc5001 ER |
165 | |
166 | %files database | |
167 | %defattr(644,root,root,755) | |
168 | %config %verify(not md5 mtime size) %{_sysconfdir}/cracking.d/* | |
169 | %config %verify(not md5 mtime size) %{_sysconfdir}/violations.d/* | |
170 | %config %verify(not md5 mtime size) %{_sysconfdir}/violations.ignore.d/* | |
171 | %config %verify(not md5 mtime size) %{_sysconfdir}/ignore.d.workstation/* | |
172 | %config %verify(not md5 mtime size) %{_sysconfdir}/ignore.d.server/* | |
173 | %config %verify(not md5 mtime size) %{_sysconfdir}/ignore.d.paranoid/* | |
bd12b010 ER |
174 | |
175 | %files -n logtail | |
176 | %defattr(644,root,root,755) | |
b39384e3 | 177 | %attr(755,root,root) %{_bindir}/logtail* |
698fd21b | 178 | %{_datadir}/logtail |