Bug#258735: [Logcheck-devel] Bug#258735: wrong permissions in /etc/logcheck

maks attems debian at sternwelten.at
Thu Jul 15 16:34:03 UTC 2004 

On Sun, 11 Jul 2004, Florian Schiessl wrote:

> Package: logcheck-database
> Version: 1.2.22a
> Severity: normal
> 
> -- System Information:
> Debian Release: testing/unstable
>   APT prefers testing
>   APT policy: (500, 'testing')
> Architecture: i386 (i686)
> Kernel: Linux 2.4.25-1-686
> Locale: LANG=C, LC_CTYPE=C
> 
> Versions of packages logcheck-database depends on:
> ii  debconf [debconf-2.0]         1.4.29     Debian configuration 
> management sy
> 
> -- debconf information:
> * logcheck-database/conffile-cleanup: true
> * logcheck-database/rules-directories-note:
> * logcheck-database/security_level: server
> * logcheck-database/standard-rename-note:
> 
> Hi,
> 
> I wondered why some of my ignore rules didn't apply. Then I recognized 
> that for example the file /etc/logcheck/ignore.d.server/spamd is owned 
> by root.root and not readable by others. So the cronjob, which runs 
> under the user logcheck, simply couldn't read this file.
> 
> Only a few files have this rights, not all. A chown -R root.logcheck 
> /etc/logcheck has helped.
> 
> If it's interesting, I upgraded from woody, it was no install from 
> beginning.
> 
> 
> Florian

i can confirm that an upgrades from woody has permissions problems
$ sudo ls -l /etc/logcheck/
total 12
drwxr-x---    2 root     root         1024 Jun 22 21:25 cracking.d
drwxr-x---    2 root     root         1024 May 16 08:37 cracking.ignore.d
-rw-r--r--    1 root     root          180 Apr 19 20:22 header.txt
drwxr-x---    2 root     root         1024 Jun 22 21:25 ignore.d.paranoid
drwxr-x---    2 root     root         2048 Jul  5 10:05 ignore.d.server
drwxr-x---    2 root     root         1024 Jun 22 21:25 ignore.d.workstation
-rw-r--r--    1 root     root         1931 Jun 10 10:20 logcheck.conf
-rw-r--r--    1 root     root          131 May 16 08:37 logcheck.logfiles
drwxr-x---    2 root     root         1024 Jun 22 21:25 violations.d
drwxr-x---    2 root     root         1024 Jul  6 00:28 violations.ignore.d

$  ls -ld /var/lib/logcheck/
 drwxr-xr-x    2 root     root         1024 May 16 08:37 /var/lib/logcheck/

$ ls -ld /var/state/logcheck/
drwxr-xr-x    2 root     root         1024 Jun 10 10:20 /var/state/logcheck/

looks like when upgrading from woody the postinstall didn't do its job.
did upgrade afterwards to 1.2.23 from sid and had the bad surprise:

Setting up logcheck (1.2.23) ...
chown: `logcheck:logcheck': invalid user
chgrp: invalid group name `logcheck'


no logcheck user in passwd!
zut, that was my last woody box.
we have a severy problem here!!!

a++ maks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20040715/080e9381/attachment.pgp

More information about the Logcheck-devel mailing list