[Logcheck-commits] r1435 - in logcheck/trunk: debian rulefiles/linux/violations.ignore.d

madduck at users.alioth.debian.org madduck at users.alioth.debian.org
Wed Jan 10 20:59:45 CET 2007 

Author: madduck
Date: 2007-01-10 20:59:45 +0100 (Wed, 10 Jan 2007)
New Revision: 1435

Modified:
   logcheck/trunk/debian/changelog
   logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-sudo
Log:
* violations.ignore.d/logcheck-sudo: properly ignore invocations of
  sudoedit.

Modified: logcheck/trunk/debian/changelog
===================================================================
--- logcheck/trunk/debian/changelog	2007-01-10 19:36:05 UTC (rev 1434)
+++ logcheck/trunk/debian/changelog	2007-01-10 19:59:45 UTC (rev 1435)
@@ -1,4 +1,4 @@
-logcheck (1.2.53) unstable; urgency=low
+logcheck (1.2.53~unreleased.3) unstable; urgency=low
 
   * violations.ignore.d/logcheck-postfix: ignore entries for messages
     bounced/deferred by the LDA.
@@ -36,8 +36,11 @@
     any type (related to mldonkey) in a hackish way, due to locale mismatches
     (see #350206).
 
- -- martin f. krafft <madduck at debian.org>  Wed, 10 Jan 2007 20:35:32 +0100
+  * violations.ignore.d/logcheck-sudo: properly ignore invocations of
+    sudoedit.
 
+ -- martin f. krafft <madduck at debian.org>  Wed, 10 Jan 2007 20:37:18 +0100
+
 logcheck (1.2.52) unstable; urgency=low
 
   * ignore.d.server/dovecot: cleanup of dovecot filters to match some more

Modified: logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-sudo
===================================================================
--- logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-sudo	2007-01-10 19:36:05 UTC (rev 1434)
+++ logcheck/trunk/rulefiles/linux/violations.ignore.d/logcheck-sudo	2007-01-10 19:59:45 UTC (rev 1435)
@@ -1,2 +1,2 @@
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:]-]+ : TTY=(unknown|(pts/|tty|vc/)[0-9]+) ; PWD=.+ ; USER=[^[:space:]]+ ; COMMAND=(/(usr|etc|bin|sbin)|sudoedit)/.*$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:]-]+ : \(command continued\).*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:].-]+ : TTY=(unknown|(pts/|tty|vc/)[[:digit:]]+) ; PWD=[^;]+ ; USER=[._[:alnum:]-]+ ; COMMAND=(/(usr|etc|bin|sbin)/|sudoedit ).*$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sudo:[[:space:]]+[_[:alnum:].-]+ : \(command continued\).*$

More information about the Logcheck-commits mailing list