[Logcheck-commits] CVS logcheck/src

CVS User maks-guest logcheck-devel at lists.alioth.debian.org
Thu Sep 1 16:32:40 UTC 2005 

Update of /cvsroot/logcheck/logcheck/src
In directory haydn:/tmp/cvs-serv25933/src

Modified Files:
	logcheck 
Log Message:

futher enhance the work out of the box testcase:
* define root as mail recipient
* check if logcheck.logfiles is readable before sourcing
* fallback to read syslog if no other source of logfiles is given

[ the user creation is still a picky stuff ]


--- /cvsroot/logcheck/logcheck/src/logcheck	2005/09/01 16:15:08	1.124
+++ /cvsroot/logcheck/logcheck/src/logcheck	2005/09/01 16:32:39	1.125
@@ -22,7 +22,7 @@
 # along with Logcheck; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 
-# $Id: logcheck,v 1.124 2005/09/01 16:15:08 maks-guest Exp $
+# $Id: logcheck,v 1.125 2005/09/01 16:32:39 maks-guest Exp $
 
 if [ $UID == 0 ]; then
     echo "logcheck should not be run as root. Use su to invoke logcheck:"
@@ -51,6 +51,9 @@
 # Set the default report level
 REPORTLEVEL="server"
 
+# default to sent mails to local root
+SENDMAILTO="root"
+
 # Set the default subject lines
 ATTACKSUBJECT="Security Alerts"
 SECURITYSUBJECT="Security Events"
@@ -62,6 +65,7 @@
 CONFFILE="/etc/logcheck/logcheck.conf"
 STATEDIR="/var/lib/logcheck"
 LOGFILES_LIST="/etc/logcheck/logcheck.logfiles"
+LOGFILE_FALLBACK="/var/log/syslog"
 LOGTAIL="/usr/sbin/logtail"
 CAT="/bin/cat"
 SYSLOG_SUMMARY="/usr/bin/syslog-summary"
@@ -634,7 +638,7 @@
 # Handle log rotation correctly, idea taken from Wiktor Niesiobedzki.
 mkdir $TMPDIR/logoutput \
     || error "Could not mkdir for log files"
-if [ ! $LOGFILE ]; then
+if [ ! $LOGFILE ] && [ -r $LOGFILES_LIST ]; then
     for file in $(egrep --text -v "(^#|^[[:space:]]*$)" $LOGFILES_LIST); do
 	logoutput "$file"
     done 
@@ -644,6 +648,10 @@
     else
     	error "$LOGFILE don't exist or we do not have permissions to read it"
     fi
+elif [ -r $LOGFILE_FALLBACK ]; then
+        logoutput "$LOGFILE_FALLBACK"
+else
+    error "Gave up no Logfile exist or we do not have permissions to read it"
 fi
 
 # First sort the logs to remove duplicate lines (from different logfiles with

More information about the Logcheck-commits mailing list