[Logcheck-commits] CVS logcheck/rulefiles/linux/violations.ignore.d
CVS User maks-guest
logcheck-devel@lists.alioth.debian.org
Sun, 11 Jul 2004 11:42:45 -0600
Update of /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d
In directory haydn:/tmp/cvs-serv18642/rulefiles/linux/violations.ignore.d
Modified Files:
logcheck-su
Log Message:
From: "Aaron M. Ucko" <ucko@debian.org>
generalize "nobody" to "[_[:alnum:]-]+"
--- /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-su 2004/06/16 13:03:25 1.2
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-su 2004/07/11 17:42:45 1.3
@@ -2,4 +2,4 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session opened for user [[:alnum:]-]+ by \(uid=[0-9]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session opened for user [[:alnum:]-]+ by [[:alnum:]-]+\(uid=[0-9]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session closed for user [[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root:nobody$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root:[_[:alnum:]-]+$