[Logcheck-devel] Bug#315071: Results to your question

Noam Rathaus noamr at beyondsecurity.com
Tue Jun 21 13:16:55 UTC 2005 

Hi,

See below:
# getent group adm
adm:x:4:root,adm,daemon

And:
# ls -l /var/log
total 20384
-rw-r-----  1 root   adm      43310 Jun 21 16:00 auth.log
-rw-r-----  1 root   adm     128247 Jun 19 06:47 auth.log.0
-rw-r-----  1 root   adm      10318 Jun 12 06:47 auth.log.1.gz
-rw-r-----  1 root   adm       9508 Jun  5 06:47 auth.log.2.gz
-rw-r-----  1 root   adm      12475 May 29 06:47 auth.log.3.gz
-rw-r--r--  1 root   root      9838 May  3 17:43 base-config.log.1
-rw-r--r--  1 root   root       384 May  3 17:43 base-config.timings.1
-rw-rw-r--  1 root   utmp         0 Jun  1 06:25 btmp
-rw-rw-r--  1 root   utmp       384 May 22 15:57 btmp.1
drwxr-xr-x  2 clamav clamav    4096 Jun 19 06:25 clamav
-rw-r-----  1 root   adm     479384 Jun 21 16:15 daemon.log
-rw-r-----  1 root   adm    2017570 Jun 21 06:24 daemon.log.0
-rw-r-----  1 root   adm      57638 Jun 19 06:24 daemon.log.1.gz
-rw-r-----  1 root   adm      71562 Jun 17 06:24 daemon.log.2.gz
-rw-r-----  1 root   adm     122795 Jun 16 06:23 daemon.log.3.gz
-rw-r-----  1 root   adm      87333 Jun 14 06:25 daemon.log.4.gz
-rw-r-----  1 root   adm      24716 Jun 12 06:45 daemon.log.5.gz
-rw-r-----  1 root   adm      81834 Jun 11 06:24 daemon.log.6.gz
drwxr-xr-x  2 root   root      4096 Jun 16 10:14 dcc
-rw-r-----  1 root   adm        160 Jun 19 16:25 debug
-rw-r-----  1 root   adm       2512 Jun  9 15:26 debug.0
-rw-r-----  1 root   adm        248 May 31 16:56 debug.1.gz
-rw-r-----  1 root   adm        297 May 27 01:55 debug.2.gz
-rw-r-----  1 root   adm        126 May 19 11:16 debug.3.gz
-rw-r--r--  1 root   root      8841 Jun  7 13:28 dmesg
-rw-r--r--  1 root   root     24072 Jun 21 15:53 faillog
-rw-r--r--  1 root   root    360284 Jan 19  2004 installer.log
-rw-r--r--  1 root   root     43431 Jan 19  2004 installer.timings
-rw-r-----  1 root   adm       3451 Jun 21 10:11 kern.log
-rw-r-----  1 root   adm    4677518 Jun 20 21:05 kern.log.0
-rw-r-----  1 root   adm        298 Jun 14 13:52 kern.log.1.gz
-rw-r-----  1 root   adm       4236 Jun  9 17:02 kern.log.2.gz
-rw-r-----  1 root   adm        396 May 31 17:03 kern.log.3.gz
-rw-r-----  1 root   adm        208 May 26 11:47 kern.log.4.gz
drwxr-xr-x  2 root   root      4096 Mar 29  2004 ksymoops
-rw-rw-r--  1 root   utmp    292876 Jun 21 15:53 lastlog
-rw-r--r--  1 root   root         0 Jan 19  2004 lpr.log
drwxrws---  2 root   root      4096 Jun 19 06:47 mail
lrwxrwxrwx  1 root   root        22 Jan 20  2004 mail.log 
-> /var/log/mail/mail.log
-rw-r-----  1 root   adm       4543 Jun 21 16:10 messages
-rw-r-----  1 root   adm    4682345 Jun 21 06:09 messages.0
-rw-r-----  1 root   adm       1504 Jun 19 06:25 messages.1.gz
-rw-r-----  1 root   adm       6856 Jun 12 06:25 messages.2.gz
-rw-r-----  1 root   adm       2536 Jun  5 06:38 messages.3.gz
-rw-r-----  1 root   adm       3152 May 29 06:38 messages.4.gz
drwxr-sr-x  2 news   news      4096 Jan 19  2004 news
-rw-------  1 root   root     24774 Jun 21 09:16 openvpn
-rw-------  1 root   root       202 Jun  9 15:25 ppp-connect-errors.1.gz
-rw-------  1 root   root       175 May 31 16:56 ppp-connect-errors.2.gz
-rw-------  1 root   root       189 May 24 18:33 ppp-connect-errors.3.gz
-rw-------  1 root   root       171 May 22 17:11 ppp-connect-errors.4.gz
-rw-r-----  1 root   adm       2261 Mar  1  2004 setuid.changes
-rw-r-----  1 root   adm        849 Feb 27  2004 setuid.changes.0
-rw-r-----  1 root   adm        363 Feb 26  2004 setuid.changes.1.gz
-rw-r-----  1 root   adm        337 Feb 25  2004 setuid.changes.2.gz
-rw-r-----  1 root   adm        208 Feb 24  2004 setuid.changes.3.gz
-rw-r-----  1 root   adm        463 Feb 23  2004 setuid.changes.4.gz
-rw-r-----  1 root   adm        213 Feb 22  2004 setuid.changes.5.gz
-rw-r-----  1 root   adm        207 Feb 21  2004 setuid.changes.6.gz
-rw-r-----  1 root   adm     463518 Mar  1  2004 setuid.today
-rw-r-----  1 root   adm     463518 Feb 27  2004 setuid.yesterday
-rw-r-----  1 root   adm     497972 Jun 21 16:15 syslog
-rw-r-----  1 root   adm    5714380 Jun 21 06:25 syslog.0
-rw-r-----  1 root   adm      71445 Jun 20 06:25 syslog.1.gz
-rw-r-----  1 root   adm      29879 Jun 19 06:25 syslog.2.gz
-rw-r-----  1 root   adm      30894 Jun 18 06:25 syslog.3.gz
-rw-r-----  1 root   adm      79468 Jun 17 06:25 syslog.4.gz
-rw-r-----  1 root   adm      69985 Jun 16 06:25 syslog.5.gz
-rw-r-----  1 root   adm      74408 Jun 15 06:25 syslog.6.gz
-rw-r-----  1 root   adm          0 Apr 24 06:47 user.log
-rw-r-----  1 root   adm        143 Apr 20 14:54 user.log.0
-rw-r-----  1 root   adm         96 Dec 15  2004 user.log.1.gz
-rw-r-----  1 root   adm         96 Oct 20  2004 user.log.2.gz
-rw-r-----  1 root   adm         95 Oct  6  2004 user.log.3.gz
-rw-r-----  1 root   adm          0 Mar  7  2004 uucp.log
-rw-r-----  1 root   adm        309 Feb 26  2004 uucp.log.0
-rw-rw-r--  1 root   utmp     21120 Jun 17 10:52 wtmp
-rw-rw-r--  1 root   utmp     17280 May 31 17:06 wtmp.1

Hope this help debug the issue.

-- 

Noam Rathaus
CTO
Beyond Security Ltd.

http://www.beyondsecurity.com
http://www.securiteam.com

More information about the Logcheck-devel mailing list