[Logcheck-devel] Bug#355574: Acknowledgement (logcheck-database: Logcheck password expiration)
Frédéric Brière
fbriere at fbriere.net
Fri Aug 21 13:59:24 UTC 2009
On Tue, Mar 18, 2008 at 08:20:37AM +0100, Javier Fernández-Sanguino Peña wrote:
> > I would agree, though, that if Bastille already reports this information
> > in some way (say, via email), then it's redundant to report it again.
>
> I'm sorry, you don't understand Bastille's task. Bastille does not log or
Yeah, sorry, my brain must've slept in that day.
> - Bastille should not make system accounts expire, since that is useless and
> spams the logs.
Correct me if I'm wrong, but Bastille doesn't actively change the
expiration of existing accounts; it merely modifies /etc/login.defs.
I'm guessing the original user (who was running woody at the time) got
bitten by #298883, which has been fixed since; system accounts no longer
expire by default.
> - logcheck shouldn't sent the admin the logs related to expiration of system
> accounts since this expiration will never happen.
That's a good point, but I doubt logcheck will ever integrate such a
change until it gains macro support (#174331), so I'll tag this wontfix
for the meantime.
(Fun fact: adduser and useradd now have their own distinct definition of
a system account.)
--
< nobse> bleh... last night I had a dream... someone NMU'ed vim...
nightmare
-- in #debian-devel
More information about the Logcheck-devel
mailing list