[Logcheck-devel] Bug#355574: Acknowledgement (logcheck-database: Logcheck password expiration)
Javier Fernández-Sanguino Peña
jfs at computer.org
Tue Mar 18 07:20:37 UTC 2008
On Sun, Mar 16, 2008 at 09:36:51PM -0400, Frédéric Brière wrote:
> > Logcheck (and bastille) should be aware about which uid are reserved for
> > system accounts and act properly.
>
> It's not logcheck's place to know about system accounts. Whether or not
> Bastille should log this is another matter, about which I cannot
> comment.
It is logcheck's task to not warn users about useless messages. System
account expiration is useless. Bastille does not log this, this bug shows up
because Bastille doesn't know the uid range used for system accounts in
Debian and makes them expire as if they were user accounts.
> I would agree, though, that if Bastille already reports this information
> in some way (say, via email), then it's redundant to report it again.
> However, even after looking at the source, I can't figure out what
> Bastille logs, and whether it displays it elsewhere.
I'm sorry, you don't understand Bastille's task. Bastille does not log or
report any security information. It helps the admin secure down a host by
making configuration changes.
There a two bugs here:
- Bastille should not make system accounts expire, since that is useless and
spams the logs.
- logcheck shouldn't sent the admin the logs related to expiration of system
accounts since this expiration will never happen.
> CC'ing Bastille's maintainer, in case he can shed some light.
Hope I did.
Regards
Javier
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20080318/6e0f90f4/attachment.pgp
More information about the Logcheck-devel
mailing list