View previous topic :: View next topic |
Author |
Message |
y351 Apprentice
Joined: 21 May 2017 Posts: 200
|
Posted: Thu Feb 20, 2020 4:24 pm Post subject: [Logcheck] - Erreurs de cron |
|
|
Bonjour,
J'ai installé logcheck dernièrement.
Je reçois des alertes le concernant :
Quote: | From: "(Cron Daemon)" <logcheck@localhost>
Subject: Cron <logcheck@localhost> if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck ; fi
mkdir: cannot create directory ‘/run/lock/logcheck’: Permission denied
|
ou
Quote: | From: "(Cron Daemon)" <root@localhost>
Subject: Cron <root@localhost> run-parts /etc/cron.hourly
mkdir: cannot create directory ‘/var/lock/logcheck’: Permission denied
run-parts: /etc/cron.hourly/logcheck.cron exited with return code 1 |
Code: |
ls -ldZ /var/lock /run /run/lock /run/lock/ |
Quote: |
drwxrwxr-x. 3 root uucp system_u:object_r:var_lock_t 60 20 févr. 16:48 /var/lock/
drwxr-xr-x. 17 root root system_u:object_r:var_run_t 740 20 févr. 11:50 /run/
lrwxrwxrwx. 1 root root system_u:object_r:var_lock_t 9 13 juin 2018 /var/lock -> /run/lock
drwxrwxr-x. 4 root uucp system_u:object_r:var_lock_t 80 20 févr. 16:59 /run/lock/
|
Code: | mount |egrep '/run' |
Quote: | tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,seclabel,mode=755)
|
D'après le bug déclaré sur Debian, un dev propose de basculer les droits vers
Quote: | This is not a bug in logcheck, but your /var/lock directory
permissions seem screwed up.
chmod 1777 /var/lock
should fix that. |
Qu'en pensez-vous de 1777 ? |
|
Back to top |
|
|
y351 Apprentice
Joined: 21 May 2017 Posts: 200
|
|
Back to top |
|
|
sebB l33t
Joined: 02 Mar 2011 Posts: 806 Location: S.O. France
|
Posted: Sat Feb 22, 2020 11:14 am Post subject: |
|
|
Peux tu poster le journal de compilation de logcheck et equery f logcheck?
Pour les changements dans logcheck 1.3.20 regarde ici |
|
Back to top |
|
|
y351 Apprentice
Joined: 21 May 2017 Posts: 200
|
Posted: Mon Feb 24, 2020 4:57 pm Post subject: |
|
|
sebB wrote: | Peux tu poster le journal de compilation de logcheck |
hmm...Je n'ai jamais activé l'option ; c'est fait maintenant.
Il y a deux fichiers de log :
Quote: |
No package files given... Grabbing a set.
--- replaced obj /var/lib/logcheck/.keep_app-admin_logcheck-0
--- replaced dir /var/lib/logcheck
--- replaced dir /var/lib
--- replaced dir /var
--- replaced obj /usr/share/man/man8/logtail2.8.bz2
--- replaced obj /usr/share/man/man8/logtail.8.bz2
--- replaced dir /usr/share/man/man8
--- replaced dir /usr/share/man
--- replaced obj /usr/share/logtail/detectrotate/30-logrotate-dateext.dtr
--- replaced obj /usr/share/logtail/detectrotate/20-logrotate.dtr
--- replaced obj /usr/share/logtail/detectrotate/10-savelog.dtr
--- replaced dir /usr/share/logtail/detectrotate
--- replaced dir /usr/share/logtail
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/TODO.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/README.logtail.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/README.logcheck.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/README.logcheck-database.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/README.keywords.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/README.how.to.interpret.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/README.gentoo
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/README.Maintainer.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/CREDITS.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/CHANGES.bz2
--- replaced obj /usr/share/doc/logcheck-1.3.18-r1/AUTHORS.bz2
--- replaced dir /usr/share/doc/logcheck-1.3.18-r1
--- replaced dir /usr/share/doc
--- replaced dir /usr/share
--- replaced obj /usr/sbin/logtail2
--- replaced obj /usr/sbin/logtail
--- replaced obj /usr/sbin/logcheck
--- replaced dir /usr/sbin
--- replaced obj /usr/bin/logcheck-test
--- replaced dir /usr/bin
--- replaced dir /usr
--- replaced obj /etc/logcheck/violations.ignore.d/logcheck-sudo
--- replaced obj /etc/logcheck/violations.ignore.d/logcheck-su
--- replaced dir /etc/logcheck/violations.ignore.d
--- replaced obj /etc/logcheck/violations.d/sudo
--- replaced obj /etc/logcheck/violations.d/su
--- replaced obj /etc/logcheck/violations.d/smartd
--- replaced obj /etc/logcheck/violations.d/logcheck
--- replaced obj /etc/logcheck/violations.d/kernel
--- replaced dir /etc/logcheck/violations.d
--- replaced dir /etc/logcheck/logcheck.logfiles.d
--- replaced obj /etc/logcheck/logcheck.logfiles
--- replaced obj /etc/logcheck/logcheck.conf
--- replaced obj /etc/logcheck/ignore.d.workstation/xlockmore
--- replaced obj /etc/logcheck/ignore.d.workstation/xdm
--- replaced obj /etc/logcheck/ignore.d.workstation/wpasupplicant
--- replaced obj /etc/logcheck/ignore.d.workstation/winbind
--- replaced obj /etc/logcheck/ignore.d.workstation/wdm
--- replaced obj /etc/logcheck/ignore.d.workstation/udev
--- replaced obj /etc/logcheck/ignore.d.workstation/squid
--- replaced obj /etc/logcheck/ignore.d.workstation/slim
--- replaced obj /etc/logcheck/ignore.d.workstation/sendfile
--- replaced obj /etc/logcheck/ignore.d.workstation/pump
--- replaced obj /etc/logcheck/ignore.d.workstation/proftpd
--- replaced obj /etc/logcheck/ignore.d.workstation/ppp
--- replaced obj /etc/logcheck/ignore.d.workstation/postfix
--- replaced obj /etc/logcheck/ignore.d.workstation/polypaudio
--- replaced obj /etc/logcheck/ignore.d.workstation/nntpcache
--- replaced obj /etc/logcheck/ignore.d.workstation/net-acct
--- replaced obj /etc/logcheck/ignore.d.workstation/login
--- replaced obj /etc/logcheck/ignore.d.workstation/logcheck
--- replaced obj /etc/logcheck/ignore.d.workstation/libpam-gnome-keyring
--- replaced obj /etc/logcheck/ignore.d.workstation/libmtp-runtime
--- replaced obj /etc/logcheck/ignore.d.workstation/laptop-mode-tools
--- replaced obj /etc/logcheck/ignore.d.workstation/kernel
--- replaced obj /etc/logcheck/ignore.d.workstation/kdm
--- replaced obj /etc/logcheck/ignore.d.workstation/ippl
--- replaced obj /etc/logcheck/ignore.d.workstation/ifplugd
--- replaced obj /etc/logcheck/ignore.d.workstation/hcid
--- replaced obj /etc/logcheck/ignore.d.workstation/hald
--- replaced obj /etc/logcheck/ignore.d.workstation/gdm
--- replaced obj /etc/logcheck/ignore.d.workstation/gconf
--- replaced obj /etc/logcheck/ignore.d.workstation/francine
--- replaced obj /etc/logcheck/ignore.d.workstation/dhcpcd
--- replaced obj /etc/logcheck/ignore.d.workstation/bonobo
--- replaced obj /etc/logcheck/ignore.d.workstation/bluez-utils
--- replaced obj /etc/logcheck/ignore.d.workstation/bluetooth-alsa
--- replaced obj /etc/logcheck/ignore.d.workstation/bind
--- replaced obj /etc/logcheck/ignore.d.workstation/automount
--- replaced dir /etc/logcheck/ignore.d.workstation
--- replaced obj /etc/logcheck/ignore.d.server/xinetd
--- replaced obj /etc/logcheck/ignore.d.server/wu-ftpd
--- replaced obj /etc/logcheck/ignore.d.server/watchdog
--- replaced obj /etc/logcheck/ignore.d.server/vsftpd
--- replaced obj /etc/logcheck/ignore.d.server/userv
--- replaced obj /etc/logcheck/ignore.d.server/uptimed
--- replaced obj /etc/logcheck/ignore.d.server/upsd
--- replaced obj /etc/logcheck/ignore.d.server/ucd-snmp
--- replaced obj /etc/logcheck/ignore.d.server/thy
--- replaced obj /etc/logcheck/ignore.d.server/tftpd
--- replaced obj /etc/logcheck/ignore.d.server/telnetd
--- replaced obj /etc/logcheck/ignore.d.server/teapop
--- replaced obj /etc/logcheck/ignore.d.server/systemd-timesyncd
--- replaced obj /etc/logcheck/ignore.d.server/systemd
--- replaced obj /etc/logcheck/ignore.d.server/syslogd
--- replaced obj /etc/logcheck/ignore.d.server/sympa
--- replaced obj /etc/logcheck/ignore.d.server/sudo
--- replaced obj /etc/logcheck/ignore.d.server/su
--- replaced obj /etc/logcheck/ignore.d.server/stunnel
--- replaced obj /etc/logcheck/ignore.d.server/ssh
--- replaced obj /etc/logcheck/ignore.d.server/squid
--- replaced obj /etc/logcheck/ignore.d.server/spamd
--- replaced obj /etc/logcheck/ignore.d.server/spamc
--- replaced obj /etc/logcheck/ignore.d.server/snort
--- replaced obj /etc/logcheck/ignore.d.server/snmpd
--- replaced obj /etc/logcheck/ignore.d.server/smokeping
--- replaced obj /etc/logcheck/ignore.d.server/smbd_audit
--- replaced obj /etc/logcheck/ignore.d.server/smartd
--- replaced obj /etc/logcheck/ignore.d.server/slapd
--- replaced obj /etc/logcheck/ignore.d.server/scponly
--- replaced obj /etc/logcheck/ignore.d.server/schroot
--- replaced obj /etc/logcheck/ignore.d.server/saslauthd
--- replaced obj /etc/logcheck/ignore.d.server/sasl2-bin
--- replaced obj /etc/logcheck/ignore.d.server/saned
--- replaced obj /etc/logcheck/ignore.d.server/samba
--- replaced obj /etc/logcheck/ignore.d.server/sa-exim
--- replaced obj /etc/logcheck/ignore.d.server/rsync
--- replaced obj /etc/logcheck/ignore.d.server/rsnapshot
--- replaced obj /etc/logcheck/ignore.d.server/rpc_statd
--- replaced obj /etc/logcheck/ignore.d.server/rbldnsd
--- replaced obj /etc/logcheck/ignore.d.server/qpopper
--- replaced obj /etc/logcheck/ignore.d.server/pureftp
--- replaced obj /etc/logcheck/ignore.d.server/pure-ftpd
--- replaced obj /etc/logcheck/ignore.d.server/proftpd
--- replaced obj /etc/logcheck/ignore.d.server/procmail
--- replaced obj /etc/logcheck/ignore.d.server/pptpd
--- replaced obj /etc/logcheck/ignore.d.server/ppp
--- replaced obj /etc/logcheck/ignore.d.server/postfix-policyd
--- replaced obj /etc/logcheck/ignore.d.server/postfix
--- replaced obj /etc/logcheck/ignore.d.server/popa3d
--- replaced obj /etc/logcheck/ignore.d.server/policyd
--- replaced obj /etc/logcheck/ignore.d.server/perdition
--- replaced obj /etc/logcheck/ignore.d.server/pdns
--- replaced obj /etc/logcheck/ignore.d.server/passwd
--- replaced obj /etc/logcheck/ignore.d.server/otrs
--- replaced obj /etc/logcheck/ignore.d.server/openvpn
--- replaced obj /etc/logcheck/ignore.d.server/nslcd
--- replaced obj /etc/logcheck/ignore.d.server/nscd
--- replaced obj /etc/logcheck/ignore.d.server/nntpcache
--- replaced obj /etc/logcheck/ignore.d.server/nfs
--- replaced obj /etc/logcheck/ignore.d.server/netconsole
--- replaced obj /etc/logcheck/ignore.d.server/nagios
--- replaced obj /etc/logcheck/ignore.d.server/mountd
--- replaced obj /etc/logcheck/ignore.d.server/mon
--- replaced obj /etc/logcheck/ignore.d.server/mldonkey-server
--- replaced obj /etc/logcheck/ignore.d.server/maradns
--- replaced obj /etc/logcheck/ignore.d.server/login
--- replaced obj /etc/logcheck/ignore.d.server/logcheck
--- replaced obj /etc/logcheck/ignore.d.server/libpam-mount
--- replaced obj /etc/logcheck/ignore.d.server/libpam-krb5
--- replaced obj /etc/logcheck/ignore.d.server/krb5-kdc
--- replaced obj /etc/logcheck/ignore.d.server/klogind
--- replaced obj /etc/logcheck/ignore.d.server/kernel
--- replaced obj /etc/logcheck/ignore.d.server/jabberd
--- replaced obj /etc/logcheck/ignore.d.server/isdnutils
--- replaced obj /etc/logcheck/ignore.d.server/isdnlog
--- replaced obj /etc/logcheck/ignore.d.server/ipppd
--- replaced obj /etc/logcheck/ignore.d.server/innd
--- replaced obj /etc/logcheck/ignore.d.server/imp4
--- replaced obj /etc/logcheck/ignore.d.server/imp
--- replaced obj /etc/logcheck/ignore.d.server/imapproxy
--- replaced obj /etc/logcheck/ignore.d.server/imap
--- replaced obj /etc/logcheck/ignore.d.server/ikiwiki
--- replaced obj /etc/logcheck/ignore.d.server/hylafax
--- replaced obj /etc/logcheck/ignore.d.server/hplip
--- replaced obj /etc/logcheck/ignore.d.server/horde3
--- replaced obj /etc/logcheck/ignore.d.server/grinch
--- replaced obj /etc/logcheck/ignore.d.server/gps
--- replaced obj /etc/logcheck/ignore.d.server/gnu-imap4d
--- replaced obj /etc/logcheck/ignore.d.server/git-daemon
--- replaced obj /etc/logcheck/ignore.d.server/ftpd
--- replaced obj /etc/logcheck/ignore.d.server/fcron
--- replaced obj /etc/logcheck/ignore.d.server/exim4
--- replaced obj /etc/logcheck/ignore.d.server/epmd
--- replaced obj /etc/logcheck/ignore.d.server/dspam
--- replaced obj /etc/logcheck/ignore.d.server/dropbear
--- replaced obj /etc/logcheck/ignore.d.server/dovecot
--- replaced obj /etc/logcheck/ignore.d.server/dnsmasq
--- replaced obj /etc/logcheck/ignore.d.server/dkfilter
--- replaced obj /etc/logcheck/ignore.d.server/dictd
--- replaced obj /etc/logcheck/ignore.d.server/dhcp
--- replaced obj /etc/logcheck/ignore.d.server/dhclient
--- replaced obj /etc/logcheck/ignore.d.server/ddclient
--- replaced obj /etc/logcheck/ignore.d.server/dcc
--- replaced obj /etc/logcheck/ignore.d.server/cyrus
--- replaced obj /etc/logcheck/ignore.d.server/cvsd
--- replaced obj /etc/logcheck/ignore.d.server/cvs-pserver
--- replaced obj /etc/logcheck/ignore.d.server/cups-lpd
--- replaced obj /etc/logcheck/ignore.d.server/cron-apt
--- replaced obj /etc/logcheck/ignore.d.server/cron
--- replaced obj /etc/logcheck/ignore.d.server/cpufreqd
--- replaced obj /etc/logcheck/ignore.d.server/cpqarrayd
--- replaced obj /etc/logcheck/ignore.d.server/courier
--- replaced obj /etc/logcheck/ignore.d.server/bluez-utils
--- replaced obj /etc/logcheck/ignore.d.server/bind
--- replaced obj /etc/logcheck/ignore.d.server/automount
--- replaced obj /etc/logcheck/ignore.d.server/asterisk
--- replaced obj /etc/logcheck/ignore.d.server/arpwatch
--- replaced obj /etc/logcheck/ignore.d.server/apcupsd
--- replaced obj /etc/logcheck/ignore.d.server/apache
--- replaced obj /etc/logcheck/ignore.d.server/anon-proxy
--- replaced obj /etc/logcheck/ignore.d.server/anacron
--- replaced obj /etc/logcheck/ignore.d.server/amavisd-new
--- replaced obj /etc/logcheck/ignore.d.server/amandad
--- replaced obj /etc/logcheck/ignore.d.server/acpid
--- replaced dir /etc/logcheck/ignore.d.server
--- replaced obj /etc/logcheck/ignore.d.server/hplip
--- replaced obj /etc/logcheck/ignore.d.server/horde3
--- replaced obj /etc/logcheck/ignore.d.server/grinch
--- replaced obj /etc/logcheck/ignore.d.server/gps
--- replaced obj /etc/logcheck/ignore.d.server/gnu-imap4d
--- replaced obj /etc/logcheck/ignore.d.server/git-daemon
--- replaced obj /etc/logcheck/ignore.d.server/ftpd
--- replaced obj /etc/logcheck/ignore.d.server/fcron
--- replaced obj /etc/logcheck/ignore.d.server/exim4
--- replaced obj /etc/logcheck/ignore.d.server/epmd
--- replaced obj /etc/logcheck/ignore.d.server/dspam
--- replaced obj /etc/logcheck/ignore.d.server/dropbear
--- replaced obj /etc/logcheck/ignore.d.server/dovecot
--- replaced obj /etc/logcheck/ignore.d.server/dnsmasq
--- replaced obj /etc/logcheck/ignore.d.server/dkfilter
--- replaced obj /etc/logcheck/ignore.d.server/dictd
--- replaced obj /etc/logcheck/ignore.d.server/dhcp
--- replaced obj /etc/logcheck/ignore.d.server/dhclient
--- replaced obj /etc/logcheck/ignore.d.server/ddclient
--- replaced obj /etc/logcheck/ignore.d.server/dcc
--- replaced obj /etc/logcheck/ignore.d.server/cyrus
--- replaced obj /etc/logcheck/ignore.d.server/cvsd
--- replaced obj /etc/logcheck/ignore.d.server/cvs-pserver
--- replaced obj /etc/logcheck/ignore.d.server/cups-lpd
--- replaced obj /etc/logcheck/ignore.d.server/cron-apt
--- replaced obj /etc/logcheck/ignore.d.server/cron
--- replaced obj /etc/logcheck/ignore.d.server/cpufreqd
--- replaced obj /etc/logcheck/ignore.d.server/cpqarrayd
--- replaced obj /etc/logcheck/ignore.d.server/courier
--- replaced obj /etc/logcheck/ignore.d.server/bluez-utils
--- replaced obj /etc/logcheck/ignore.d.server/bind
--- replaced obj /etc/logcheck/ignore.d.server/automount
--- replaced obj /etc/logcheck/ignore.d.server/asterisk
--- replaced obj /etc/logcheck/ignore.d.server/arpwatch
--- replaced obj /etc/logcheck/ignore.d.server/apcupsd
--- replaced obj /etc/logcheck/ignore.d.server/apache
--- replaced obj /etc/logcheck/ignore.d.server/anon-proxy
--- replaced obj /etc/logcheck/ignore.d.server/anacron
--- replaced obj /etc/logcheck/ignore.d.server/amavisd-new
--- replaced obj /etc/logcheck/ignore.d.server/amandad
--- replaced obj /etc/logcheck/ignore.d.server/acpid
--- replaced dir /etc/logcheck/ignore.d.server
--- replaced obj /etc/logcheck/ignore.d.paranoid/usb
--- replaced obj /etc/logcheck/ignore.d.paranoid/tripwire
--- replaced obj /etc/logcheck/ignore.d.paranoid/telnetd
--- replaced obj /etc/logcheck/ignore.d.paranoid/sysklogd
--- replaced obj /etc/logcheck/ignore.d.paranoid/stunnel
--- replaced obj /etc/logcheck/ignore.d.paranoid/ssh
--- replaced obj /etc/logcheck/ignore.d.paranoid/squid
--- replaced obj /etc/logcheck/ignore.d.paranoid/qpopper
--- replaced obj /etc/logcheck/ignore.d.paranoid/pureftp
--- replaced obj /etc/logcheck/ignore.d.paranoid/ppp
--- replaced obj /etc/logcheck/ignore.d.paranoid/postfix
--- replaced obj /etc/logcheck/ignore.d.paranoid/logcheck
--- replaced obj /etc/logcheck/ignore.d.paranoid/incron
--- replaced obj /etc/logcheck/ignore.d.paranoid/cron
--- replaced obj /etc/logcheck/ignore.d.paranoid/bind
--- replaced dir /etc/logcheck/ignore.d.paranoid
--- replaced dir /etc/logcheck/cracking.ignore.d
--- replaced obj /etc/logcheck/cracking.d/uucico
--- replaced obj /etc/logcheck/cracking.d/tftpd
--- replaced obj /etc/logcheck/cracking.d/smartd
--- replaced obj /etc/logcheck/cracking.d/rsh
--- replaced obj /etc/logcheck/cracking.d/rlogind
--- replaced obj /etc/logcheck/cracking.d/kernel
--- replaced dir /etc/logcheck/cracking.d
--- replaced dir /etc/logcheck
--- replaced obj /etc/cron.hourly/logcheck.cron
--- replaced dir /etc/cron.hourly
--- replaced dir /etc
|
Quote: |
* Package: app-admin/logcheck-1.3.18-r1
* Repository: gentoo
* USE: abi_x86_64 amd64 elibc_glibc kernel_linux userland_GNU
* FEATURES: ccache network-sandbox preserve-libs sandbox selinux sesandbox userpriv usersandbox
Unable to configure loopback interface: Permission denied
>>> Unpacking source...
>>> Unpacking logcheck_1.3.18.tar.xz to /var/tmp/portage/app-admin/logcheck-1.3.18-r1/work
>>> Source unpacked in /var/tmp/portage/app-admin/logcheck-1.3.18-r1/work
Unable to configure loopback interface: Permission denied
>>> Preparing source in /var/tmp/portage/app-admin/logcheck-1.3.18-r1/work/logcheck-1.3.18 ...
>>> Source prepared.
Unable to configure loopback interface: Permission denied
>>> Configuring source in /var/tmp/portage/app-admin/logcheck-1.3.18-r1/work/logcheck-1.3.18 ...
>>> Source configured.
Unable to configure loopback interface: Permission denied
>>> Compiling source in /var/tmp/portage/app-admin/logcheck-1.3.18-r1/work/logcheck-1.3.18 ...
make -j5
make: Nothing to be done for 'all'.
>>> Source compiled.
Unable to configure loopback interface: Permission denied
>>> Test phase [not enabled]: app-admin/logcheck-1.3.18-r1
Unable to configure loopback interface: Permission denied
>>> Install app-admin/logcheck-1.3.18-r1 into /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image/
make -j5 DESTDIR=/var/tmp/portage/app-admin/logcheck-1.3.18-r1/image/ install
# Create the directories
install -m 750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck
install -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//var/lib/logcheck
install -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/sbin
install -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/bin
install -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//var/lock/logcheck
install -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/share/logtail/detectrotate
install -m 2750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/ignore.d.paranoid
install -m 2750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/ignore.d.workstation
install -m 2750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/ignore.d.server
install -m 2750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/cracking.d
install -m 2750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/cracking.ignore.d
install -m 2750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/violations.d
install -m 2750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/violations.ignore.d
install -m 2750 -d /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/logcheck.logfiles.d
# Install the scripts
install -m 755 src/logcheck /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/sbin/
install -m 755 src/logtail /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/sbin/
install -m 755 src/logtail2 /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/sbin/
install -m 755 src/logcheck-test /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/bin/
install -m 755 src/detectrotate/10-savelog.dtr /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/share/logtail/detectrotate/
install -m 755 src/detectrotate/20-logrotate.dtr /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/share/logtail/detectrotate/
install -m 755 src/detectrotate/30-logrotate-dateext.dtr /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//usr/share/logtail/detectrotate/
# Install the config files
install -m 640 etc/logcheck.logfiles /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck
install -m 640 etc/logcheck.conf /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck
# Install the rulefiles
install -m 644 rulefiles/linux/ignore.d.paranoid/* \
/var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/ignore.d.paranoid/
install -m 644 rulefiles/linux/ignore.d.server/* \
/var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/ignore.d.server/
install -m 644 rulefiles/linux/ignore.d.workstation/* \
/var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/ignore.d.workstation/
install -m 644 rulefiles/linux/violations.d/* \
/var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/violations.d/
install -m 644 rulefiles/linux/violations.ignore.d/* \
/var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/violations.ignore.d/
install -m 644 rulefiles/linux/cracking.d/* \
/var/tmp/portage/app-admin/logcheck-1.3.18-r1/image//etc/logcheck/cracking.d/
>>> Completed installing app-admin/logcheck-1.3.18-r1 into /var/tmp/portage/app-admin/logcheck-1.3.18-r1/image/
* Final size of build directory: 1448 KiB (1.4 MiB)
* Final size of installed tree: 1016 KiB
Unable to configure loopback interface: Permission denied
./
./etc/
./etc/logcheck/
./etc/logcheck/ignore.d.paranoid/
./etc/logcheck/ignore.d.paranoid/bind
./etc/logcheck/ignore.d.paranoid/cron
./etc/logcheck/ignore.d.paranoid/incron
./etc/logcheck/ignore.d.paranoid/logcheck
./etc/logcheck/ignore.d.paranoid/postfix
./etc/logcheck/ignore.d.paranoid/ppp
./etc/logcheck/ignore.d.paranoid/pureftp
./etc/logcheck/ignore.d.paranoid/qpopper
./etc/logcheck/ignore.d.paranoid/squid
./etc/logcheck/ignore.d.paranoid/ssh
./etc/logcheck/ignore.d.paranoid/stunnel
./etc/logcheck/ignore.d.paranoid/sysklogd
./etc/logcheck/ignore.d.paranoid/telnetd
./etc/logcheck/ignore.d.paranoid/tripwire
./etc/logcheck/ignore.d.paranoid/usb
./etc/logcheck/ignore.d.workstation/
./etc/logcheck/ignore.d.workstation/automount
./etc/logcheck/ignore.d.workstation/bind
./etc/logcheck/ignore.d.workstation/bluetooth-alsa
./etc/logcheck/ignore.d.workstation/bluez-utils
./etc/logcheck/ignore.d.workstation/bonobo
./etc/logcheck/ignore.d.workstation/dhcpcd
./etc/logcheck/ignore.d.workstation/francine
./etc/logcheck/ignore.d.workstation/gconf
./etc/logcheck/ignore.d.workstation/gdm
./etc/logcheck/ignore.d.workstation/hald
./etc/logcheck/ignore.d.workstation/hcid
./etc/logcheck/ignore.d.workstation/ifplugd
./etc/logcheck/ignore.d.workstation/ippl
./etc/logcheck/ignore.d.workstation/kdm
./etc/logcheck/ignore.d.workstation/kernel
./etc/logcheck/ignore.d.workstation/laptop-mode-tools
./etc/logcheck/ignore.d.workstation/libmtp-runtime
./etc/logcheck/ignore.d.workstation/libpam-gnome-keyring
./etc/logcheck/ignore.d.workstation/logcheck
./etc/logcheck/ignore.d.workstation/login
./etc/logcheck/ignore.d.workstation/net-acct
./etc/logcheck/ignore.d.workstation/nntpcache
./etc/logcheck/ignore.d.workstation/polypaudio
./etc/logcheck/ignore.d.workstation/postfix
./etc/logcheck/ignore.d.workstation/ppp
./etc/logcheck/ignore.d.workstation/proftpd
./etc/logcheck/ignore.d.workstation/pump
./etc/logcheck/ignore.d.workstation/sendfile
./etc/logcheck/ignore.d.workstation/slim
./etc/logcheck/ignore.d.workstation/squid
./etc/logcheck/ignore.d.workstation/udev
./etc/logcheck/ignore.d.workstation/wdm
./etc/logcheck/ignore.d.workstation/winbind
./etc/logcheck/ignore.d.workstation/wpasupplicant
./etc/logcheck/ignore.d.workstation/xdm
./etc/logcheck/ignore.d.workstation/xlockmore
./etc/logcheck/ignore.d.server/
./etc/logcheck/ignore.d.server/acpid
./etc/logcheck/ignore.d.server/amandad
./etc/logcheck/ignore.d.server/amavisd-new
./etc/logcheck/ignore.d.server/anacron
./etc/logcheck/ignore.d.server/anon-proxy
./etc/logcheck/ignore.d.server/apache
./etc/logcheck/ignore.d.server/apcupsd
./etc/logcheck/ignore.d.server/arpwatch
./etc/logcheck/ignore.d.server/asterisk
./etc/logcheck/ignore.d.server/automount
./etc/logcheck/ignore.d.server/bind
./etc/logcheck/ignore.d.server/bluez-utils
./etc/logcheck/ignore.d.server/courier
./etc/logcheck/ignore.d.server/cpqarrayd
./etc/logcheck/ignore.d.server/cpufreqd
./etc/logcheck/ignore.d.server/cron
./etc/logcheck/ignore.d.server/cron-apt
./etc/logcheck/ignore.d.server/cups-lpd
./etc/logcheck/ignore.d.server/cvs-pserver
./etc/logcheck/ignore.d.server/cvsd
./etc/logcheck/ignore.d.server/cyrus
./etc/logcheck/ignore.d.server/dcc
./etc/logcheck/ignore.d.server/ddclient
./etc/logcheck/ignore.d.server/dhclient
./etc/logcheck/ignore.d.server/dhcp
./etc/logcheck/ignore.d.server/dictd
./etc/logcheck/ignore.d.server/dkfilter
./etc/logcheck/ignore.d.server/dnsmasq
./etc/logcheck/ignore.d.server/dovecot
./etc/logcheck/ignore.d.server/dropbear
./etc/logcheck/ignore.d.server/dspam
./etc/logcheck/ignore.d.server/epmd
./etc/logcheck/ignore.d.server/exim4
./etc/logcheck/ignore.d.server/fcron
./etc/logcheck/ignore.d.server/ftpd
./etc/logcheck/ignore.d.server/git-daemon
./etc/logcheck/ignore.d.server/gnu-imap4d
./etc/logcheck/ignore.d.server/gps
./etc/logcheck/ignore.d.server/grinch
./etc/logcheck/ignore.d.server/horde3
./etc/logcheck/ignore.d.server/hplip
./etc/logcheck/ignore.d.server/hylafax
./etc/logcheck/ignore.d.server/ikiwiki
./etc/logcheck/ignore.d.server/imap
./etc/logcheck/ignore.d.server/imapproxy
./etc/logcheck/ignore.d.server/imp
./etc/logcheck/ignore.d.server/imp4
./etc/logcheck/ignore.d.server/innd
./etc/logcheck/ignore.d.server/ipppd
./etc/logcheck/ignore.d.server/isdnlog
./etc/logcheck/ignore.d.server/isdnutils
./etc/logcheck/ignore.d.server/jabberd
./etc/logcheck/ignore.d.server/kernel
./etc/logcheck/ignore.d.server/klogind
./etc/logcheck/ignore.d.server/krb5-kdc
./etc/logcheck/ignore.d.server/libpam-krb5
./etc/logcheck/ignore.d.server/libpam-mount
./etc/logcheck/ignore.d.server/logcheck
./etc/logcheck/ignore.d.server/login
./etc/logcheck/ignore.d.server/maradns
./etc/logcheck/ignore.d.server/mldonkey-server
./etc/logcheck/ignore.d.server/mon
./etc/logcheck/ignore.d.server/mountd
./etc/logcheck/ignore.d.server/nagios
./etc/logcheck/ignore.d.server/netconsole
./etc/logcheck/ignore.d.server/nfs
./etc/logcheck/ignore.d.server/nntpcache
./etc/logcheck/ignore.d.server/nscd
./etc/logcheck/ignore.d.server/nslcd
./etc/logcheck/ignore.d.server/openvpn
./etc/logcheck/ignore.d.server/otrs
./etc/logcheck/ignore.d.server/passwd
./etc/logcheck/ignore.d.server/pdns
./etc/logcheck/ignore.d.server/perdition
./etc/logcheck/ignore.d.server/policyd
./etc/logcheck/ignore.d.server/popa3d
./etc/logcheck/ignore.d.server/postfix
./etc/logcheck/ignore.d.server/postfix-policyd
./etc/logcheck/ignore.d.server/ppp
./etc/logcheck/ignore.d.server/pptpd
./etc/logcheck/ignore.d.server/procmail
./etc/logcheck/ignore.d.server/proftpd
./etc/logcheck/ignore.d.server/pure-ftpd
./etc/logcheck/ignore.d.server/pureftp
./etc/logcheck/ignore.d.server/qpopper
./etc/logcheck/ignore.d.server/rbldnsd
./etc/logcheck/ignore.d.server/rpc_statd
./etc/logcheck/ignore.d.server/rsnapshot
./etc/logcheck/ignore.d.server/rsync
./etc/logcheck/ignore.d.server/sa-exim
./etc/logcheck/ignore.d.server/samba
./etc/logcheck/ignore.d.server/saned
./etc/logcheck/ignore.d.server/sasl2-bin
./etc/logcheck/ignore.d.server/saslauthd
./etc/logcheck/ignore.d.server/schroot
./etc/logcheck/ignore.d.server/scponly
./etc/logcheck/ignore.d.server/slapd
./etc/logcheck/ignore.d.server/smartd
./etc/logcheck/ignore.d.server/smbd_audit
./etc/logcheck/ignore.d.server/smokeping
./etc/logcheck/ignore.d.server/snmpd
./etc/logcheck/ignore.d.server/snort
./etc/logcheck/ignore.d.server/spamc
./etc/logcheck/ignore.d.server/spamd
./etc/logcheck/ignore.d.server/squid
./etc/logcheck/ignore.d.server/ssh
./etc/logcheck/ignore.d.server/stunnel
./etc/logcheck/ignore.d.server/su
./etc/logcheck/ignore.d.server/sudo
./etc/logcheck/ignore.d.server/sympa
./etc/logcheck/ignore.d.server/syslogd
./etc/logcheck/ignore.d.server/systemd
./etc/logcheck/ignore.d.server/systemd-timesyncd
./etc/logcheck/ignore.d.server/teapop
./etc/logcheck/ignore.d.server/telnetd
./etc/logcheck/ignore.d.server/tftpd
./etc/logcheck/ignore.d.server/thy
./etc/logcheck/ignore.d.server/ucd-snmp
./etc/logcheck/ignore.d.server/upsd
./etc/logcheck/ignore.d.server/uptimed
./etc/logcheck/ignore.d.server/userv
./etc/logcheck/ignore.d.server/vsftpd
./etc/logcheck/ignore.d.server/watchdog
./etc/logcheck/ignore.d.server/wu-ftpd
./etc/logcheck/ignore.d.server/xinetd
./etc/logcheck/cracking.d/
./etc/logcheck/cracking.d/kernel
./etc/logcheck/cracking.d/rlogind
./etc/logcheck/cracking.d/rsh
./etc/logcheck/cracking.d/smartd
./etc/logcheck/cracking.d/tftpd
./etc/logcheck/cracking.d/uucico
./etc/logcheck/cracking.ignore.d/
./etc/logcheck/violations.d/
./etc/logcheck/violations.d/kernel
./etc/logcheck/violations.d/logcheck
./etc/logcheck/violations.d/smartd
./etc/logcheck/violations.d/su
./etc/logcheck/violations.d/sudo
./etc/logcheck/violations.ignore.d/
./etc/logcheck/violations.ignore.d/logcheck-su
./etc/logcheck/violations.ignore.d/logcheck-sudo
./etc/logcheck/logcheck.logfiles.d/
./etc/logcheck/logcheck.logfiles
./etc/logcheck/logcheck.conf
./etc/cron.hourly/
./etc/cron.hourly/logcheck.cron
./var/
./var/lib/
./var/lib/logcheck/
./var/lib/logcheck/.keep_app-admin_logcheck-0
./usr/
./usr/sbin/
./usr/sbin/logcheck
./usr/sbin/logtail
./usr/sbin/logtail2
./usr/bin/
./usr/bin/logcheck-test
./usr/share/
./usr/share/logtail/
./usr/share/logtail/detectrotate/
./usr/share/logtail/detectrotate/10-savelog.dtr
./usr/share/logtail/detectrotate/20-logrotate.dtr
./usr/share/logtail/detectrotate/30-logrotate-dateext.dtr
./usr/share/doc/
./usr/share/doc/logcheck-1.3.18-r1/
./usr/share/doc/logcheck-1.3.18-r1/README.gentoo
./usr/share/doc/logcheck-1.3.18-r1/CREDITS.bz2
./usr/share/doc/logcheck-1.3.18-r1/AUTHORS.bz2
./usr/share/doc/logcheck-1.3.18-r1/CHANGES.bz2
./usr/share/doc/logcheck-1.3.18-r1/TODO.bz2
./usr/share/doc/logcheck-1.3.18-r1/README.Maintainer.bz2
./usr/share/doc/logcheck-1.3.18-r1/README.how.to.interpret.bz2
./usr/share/doc/logcheck-1.3.18-r1/README.keywords.bz2
./usr/share/doc/logcheck-1.3.18-r1/README.logcheck.bz2
./usr/share/doc/logcheck-1.3.18-r1/README.logtail.bz2
./usr/share/doc/logcheck-1.3.18-r1/README.logcheck-database.bz2
./usr/share/man/
./usr/share/man/man8/
./usr/share/man/man8/logtail.8.bz2
./usr/share/man/man8/logtail2.8.bz2
>>> Done.
Unable to configure loopback interface: Permission denied
* checking 213 files for package collisions
>>> Merging app-admin/logcheck-1.3.18-r1 to /
>>> Setting SELinux security labels
--- /usr/
--- /usr/share/
--- /usr/share/man/
--- /usr/share/man/man8/
>>> /usr/share/man/man8/logtail2.8.bz2
>>> /usr/share/man/man8/logtail.8.bz2
--- /usr/share/doc/
--- /usr/share/doc/logcheck-1.3.18-r1/
>>> /usr/share/doc/logcheck-1.3.18-r1/README.logcheck-database.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/README.logtail.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/README.logcheck.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/README.keywords.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/README.how.to.interpret.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/README.Maintainer.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/TODO.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/CHANGES.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/AUTHORS.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/CREDITS.bz2
>>> /usr/share/doc/logcheck-1.3.18-r1/README.gentoo
--- /usr/share/logtail/
--- /usr/share/logtail/detectrotate/
>>> /usr/share/logtail/detectrotate/30-logrotate-dateext.dtr
>>> /usr/share/logtail/detectrotate/20-logrotate.dtr
>>> /usr/share/logtail/detectrotate/10-savelog.dtr
--- /usr/bin/
>>> /usr/bin/logcheck-test
--- /usr/sbin/
>>> /usr/sbin/logtail2
>>> /usr/sbin/logtail
>>> /usr/sbin/logcheck
--- /var/
--- /var/lib/
--- /var/lib/logcheck/
>>> /var/lib/logcheck/.keep_app-admin_logcheck-0
--- /etc/
--- /etc/cron.hourly/
>>> /etc/cron.hourly/logcheck.cron
--- /etc/logcheck/
--- /etc/logcheck/logcheck.conf
--- /etc/logcheck/logcheck.logfiles
--- /etc/logcheck/logcheck.logfiles.d/
--- /etc/logcheck/violations.ignore.d/
>>> /etc/logcheck/violations.ignore.d/logcheck-sudo
>>> /etc/logcheck/violations.ignore.d/logcheck-su
--- /etc/logcheck/violations.d/
>>> /etc/logcheck/violations.d/sudo
>>> /etc/logcheck/violations.d/su
>>> /etc/logcheck/violations.d/smartd
>>> /etc/logcheck/violations.d/logcheck
>>> /etc/logcheck/violations.d/kernel
--- /etc/logcheck/cracking.ignore.d/
--- /etc/logcheck/cracking.d/
>>> /etc/logcheck/cracking.d/uucico
>>> /etc/logcheck/cracking.d/tftpd
>>> /etc/logcheck/cracking.d/smartd
>>> /etc/logcheck/cracking.d/rsh
>>> /etc/logcheck/cracking.d/rlogind
>>> /etc/logcheck/cracking.d/kernel
--- /etc/logcheck/ignore.d.server/
>>> /etc/logcheck/ignore.d.server/xinetd
>>> /etc/logcheck/ignore.d.server/wu-ftpd
>>> /etc/logcheck/ignore.d.server/watchdog
>>> /etc/logcheck/ignore.d.server/vsftpd
>>> /etc/logcheck/ignore.d.server/userv
>>> /etc/logcheck/ignore.d.server/uptimed
>>> /etc/logcheck/ignore.d.server/upsd
>>> /etc/logcheck/ignore.d.server/ucd-snmp
>>> /etc/logcheck/ignore.d.server/thy
>>> /etc/logcheck/ignore.d.server/tftpd
>>> /etc/logcheck/ignore.d.server/telnetd
>>> /etc/logcheck/ignore.d.server/teapop
>>> /etc/logcheck/ignore.d.server/systemd-timesyncd
>>> /etc/logcheck/ignore.d.server/systemd
>>> /etc/logcheck/ignore.d.server/syslogd
>>> /etc/logcheck/ignore.d.server/sympa
>>> /etc/logcheck/ignore.d.server/sudo
>>> /etc/logcheck/ignore.d.server/su
>>> /etc/logcheck/ignore.d.server/stunnel
>>> /etc/logcheck/ignore.d.server/ssh
>>> /etc/logcheck/ignore.d.server/squid
>>> /etc/logcheck/ignore.d.server/spamd
>>> /etc/logcheck/ignore.d.server/spamc
>>> /etc/logcheck/ignore.d.server/snort
>>> /etc/logcheck/ignore.d.server/snmpd
>>> /etc/logcheck/ignore.d.server/smokeping
>>> /etc/logcheck/ignore.d.server/smbd_audit
>>> /etc/logcheck/ignore.d.server/smartd
>>> /etc/logcheck/ignore.d.server/slapd
>>> /etc/logcheck/ignore.d.server/scponly
>>> /etc/logcheck/ignore.d.server/schroot
>>> /etc/logcheck/ignore.d.server/saslauthd
>>> /etc/logcheck/ignore.d.server/sasl2-bin
>>> /etc/logcheck/ignore.d.server/saned
>>> /etc/logcheck/ignore.d.server/samba
>>> /etc/logcheck/ignore.d.server/sa-exim
>>> /etc/logcheck/ignore.d.server/rsync
>>> /etc/logcheck/ignore.d.server/rsnapshot
>>> /etc/logcheck/ignore.d.server/rpc_statd
>>> /etc/logcheck/ignore.d.server/rbldnsd
>>> /etc/logcheck/ignore.d.server/qpopper
>>> /etc/logcheck/ignore.d.server/pureftp
>>> /etc/logcheck/ignore.d.server/pure-ftpd
>>> /etc/logcheck/ignore.d.server/proftpd
>>> /etc/logcheck/ignore.d.server/procmail
>>> /etc/logcheck/ignore.d.server/pptpd
>>> /etc/logcheck/ignore.d.server/ppp
>>> /etc/logcheck/ignore.d.server/postfix-policyd
>>> /etc/logcheck/ignore.d.server/postfix
>>> /etc/logcheck/ignore.d.server/popa3d
>>> /etc/logcheck/ignore.d.server/policyd
>>> /etc/logcheck/ignore.d.server/perdition
>>> /etc/logcheck/ignore.d.server/pdns
>>> /etc/logcheck/ignore.d.server/passwd
>>> /etc/logcheck/ignore.d.server/otrs
>>> /etc/logcheck/ignore.d.server/openvpn
>>> /etc/logcheck/ignore.d.server/nslcd
>>> /etc/logcheck/ignore.d.server/nscd
>>> /etc/logcheck/ignore.d.server/nntpcache
>>> /etc/logcheck/ignore.d.server/nfs
>>> /etc/logcheck/ignore.d.server/netconsole
>>> /etc/logcheck/ignore.d.server/nagios
>>> /etc/logcheck/ignore.d.server/mountd
>>> /etc/logcheck/ignore.d.server/mon
>>> /etc/logcheck/ignore.d.server/mldonkey-server
>>> /etc/logcheck/ignore.d.server/maradns
>>> /etc/logcheck/ignore.d.server/login
>>> /etc/logcheck/ignore.d.server/logcheck
>>> /etc/logcheck/ignore.d.server/libpam-mount
>>> /etc/logcheck/ignore.d.server/libpam-krb5
>>> /etc/logcheck/ignore.d.server/krb5-kdc
>>> /etc/logcheck/ignore.d.server/klogind
>>> /etc/logcheck/ignore.d.server/kernel
>>> /etc/logcheck/ignore.d.server/jabberd
>>> /etc/logcheck/ignore.d.server/isdnutils
>>> /etc/logcheck/ignore.d.server/isdnlog
>>> /etc/logcheck/ignore.d.server/ipppd
>>> /etc/logcheck/ignore.d.server/innd
>>> /etc/logcheck/ignore.d.server/imp4
>>> /etc/logcheck/ignore.d.server/imp
>>> /etc/logcheck/ignore.d.server/imapproxy
>>> /etc/logcheck/ignore.d.server/imap
>>> /etc/logcheck/ignore.d.server/ikiwiki
>>> /etc/logcheck/ignore.d.server/hylafax
>>> /etc/logcheck/ignore.d.server/hplip
>>> /etc/logcheck/ignore.d.server/horde3
>>> /etc/logcheck/ignore.d.server/grinch
>>> /etc/logcheck/ignore.d.server/gps
>>> /etc/logcheck/ignore.d.server/gnu-imap4d
>>> /etc/logcheck/ignore.d.server/git-daemon
>>> /etc/logcheck/ignore.d.server/ftpd
>>> /etc/logcheck/ignore.d.server/fcron
>>> /etc/logcheck/ignore.d.server/exim4
>>> /etc/logcheck/ignore.d.server/epmd
>>> /etc/logcheck/ignore.d.server/dspam
>>> /etc/logcheck/ignore.d.server/dropbear
>>> /etc/logcheck/ignore.d.server/dovecot
>>> /etc/logcheck/ignore.d.server/dnsmasq
>>> /etc/logcheck/ignore.d.server/dkfilter
>>> /etc/logcheck/ignore.d.server/dictd
>>> /etc/logcheck/ignore.d.server/dhcp
>>> /etc/logcheck/ignore.d.server/dhclient
>>> /etc/logcheck/ignore.d.server/ddclient
>>> /etc/logcheck/ignore.d.server/dcc
>>> /etc/logcheck/ignore.d.server/cyrus
>>> /etc/logcheck/ignore.d.server/cvsd
>>> /etc/logcheck/ignore.d.server/cvs-pserver
>>> /etc/logcheck/ignore.d.server/cups-lpd
>>> /etc/logcheck/ignore.d.server/cron-apt
>>> /etc/logcheck/ignore.d.server/cron
>>> /etc/logcheck/ignore.d.server/cpufreqd
>>> /etc/logcheck/ignore.d.server/cpqarrayd
>>> /etc/logcheck/ignore.d.server/courier
>>> /etc/logcheck/ignore.d.server/bluez-utils
>>> /etc/logcheck/ignore.d.server/bind
>>> /etc/logcheck/ignore.d.server/automount
>>> /etc/logcheck/ignore.d.server/asterisk
>>> /etc/logcheck/ignore.d.server/arpwatch
>>> /etc/logcheck/ignore.d.server/courier
>>> /etc/logcheck/ignore.d.server/bluez-utils
>>> /etc/logcheck/ignore.d.server/bind
>>> /etc/logcheck/ignore.d.server/automount
>>> /etc/logcheck/ignore.d.server/asterisk
>>> /etc/logcheck/ignore.d.server/arpwatch
>>> /etc/logcheck/ignore.d.server/apcupsd
>>> /etc/logcheck/ignore.d.server/apache
>>> /etc/logcheck/ignore.d.server/anon-proxy
>>> /etc/logcheck/ignore.d.server/anacron
>>> /etc/logcheck/ignore.d.server/amavisd-new
>>> /etc/logcheck/ignore.d.server/amandad
>>> /etc/logcheck/ignore.d.server/acpid
--- /etc/logcheck/ignore.d.workstation/
>>> /etc/logcheck/ignore.d.workstation/xlockmore
>>> /etc/logcheck/ignore.d.workstation/xdm
>>> /etc/logcheck/ignore.d.workstation/wpasupplicant
>>> /etc/logcheck/ignore.d.workstation/winbind
>>> /etc/logcheck/ignore.d.workstation/wdm
>>> /etc/logcheck/ignore.d.workstation/udev
>>> /etc/logcheck/ignore.d.workstation/squid
>>> /etc/logcheck/ignore.d.workstation/slim
>>> /etc/logcheck/ignore.d.workstation/sendfile
>>> /etc/logcheck/ignore.d.workstation/pump
>>> /etc/logcheck/ignore.d.workstation/proftpd
>>> /etc/logcheck/ignore.d.workstation/ppp
>>> /etc/logcheck/ignore.d.workstation/postfix
>>> /etc/logcheck/ignore.d.workstation/polypaudio
>>> /etc/logcheck/ignore.d.workstation/nntpcache
>>> /etc/logcheck/ignore.d.workstation/net-acct
>>> /etc/logcheck/ignore.d.workstation/login
>>> /etc/logcheck/ignore.d.workstation/logcheck
>>> /etc/logcheck/ignore.d.workstation/libpam-gnome-keyring
>>> /etc/logcheck/ignore.d.workstation/libmtp-runtime
>>> /etc/logcheck/ignore.d.workstation/laptop-mode-tools
>>> /etc/logcheck/ignore.d.workstation/kernel
>>> /etc/logcheck/ignore.d.workstation/kdm
>>> /etc/logcheck/ignore.d.workstation/ippl
>>> /etc/logcheck/ignore.d.workstation/ifplugd
>>> /etc/logcheck/ignore.d.workstation/hcid
>>> /etc/logcheck/ignore.d.workstation/hald
>>> /etc/logcheck/ignore.d.workstation/gdm
>>> /etc/logcheck/ignore.d.workstation/gconf
>>> /etc/logcheck/ignore.d.workstation/francine
>>> /etc/logcheck/ignore.d.workstation/dhcpcd
>>> /etc/logcheck/ignore.d.workstation/bonobo
>>> /etc/logcheck/ignore.d.workstation/bluez-utils
>>> /etc/logcheck/ignore.d.workstation/bluetooth-alsa
>>> /etc/logcheck/ignore.d.workstation/bind
>>> /etc/logcheck/ignore.d.workstation/automount
--- /etc/logcheck/ignore.d.paranoid/
>>> /etc/logcheck/ignore.d.paranoid/usb
>>> /etc/logcheck/ignore.d.paranoid/tripwire
>>> /etc/logcheck/ignore.d.paranoid/telnetd
>>> /etc/logcheck/ignore.d.paranoid/sysklogd
>>> /etc/logcheck/ignore.d.paranoid/stunnel
>>> /etc/logcheck/ignore.d.paranoid/ssh
>>> /etc/logcheck/ignore.d.paranoid/squid
>>> /etc/logcheck/ignore.d.paranoid/qpopper
>>> /etc/logcheck/ignore.d.paranoid/pureftp
>>> /etc/logcheck/ignore.d.paranoid/ppp
>>> /etc/logcheck/ignore.d.paranoid/postfix
>>> /etc/logcheck/ignore.d.paranoid/logcheck
>>> /etc/logcheck/ignore.d.paranoid/incron
>>> /etc/logcheck/ignore.d.paranoid/cron
>>> /etc/logcheck/ignore.d.paranoid/bind
>>> Safely unmerging already-installed instance...
>>> Original instance of package unmerged safely.
>>> app-admin/logcheck-1.3.18-r1 merged.
Unable to configure loopback interface: Permission denied
|
Quote: |
/etc
/etc/cron.hourly
/etc/cron.hourly/logcheck.cron
/etc/logcheck
/etc/logcheck/cracking.d
/etc/logcheck/cracking.d/kernel
/etc/logcheck/cracking.d/rlogind
/etc/logcheck/cracking.d/rsh
/etc/logcheck/cracking.d/smartd
/etc/logcheck/cracking.d/tftpd
/etc/logcheck/cracking.d/uucico
/etc/logcheck/cracking.ignore.d
/etc/logcheck/ignore.d.paranoid
/etc/logcheck/ignore.d.paranoid/bind
/etc/logcheck/ignore.d.paranoid/cron
/etc/logcheck/ignore.d.paranoid/incron
/etc/logcheck/ignore.d.paranoid/logcheck
/etc/logcheck/ignore.d.paranoid/postfix
/etc/logcheck/ignore.d.paranoid/ppp
/etc/logcheck/ignore.d.paranoid/pureftp
/etc/logcheck/ignore.d.paranoid/qpopper
/etc/logcheck/ignore.d.paranoid/squid
/etc/logcheck/ignore.d.paranoid/ssh
/etc/logcheck/ignore.d.paranoid/stunnel
/etc/logcheck/ignore.d.paranoid/sysklogd
/etc/logcheck/ignore.d.paranoid/telnetd
/etc/logcheck/ignore.d.paranoid/tripwire
/etc/logcheck/ignore.d.paranoid/usb
/etc/logcheck/ignore.d.server
/etc/logcheck/ignore.d.server/acpid
/etc/logcheck/ignore.d.server/amandad
/etc/logcheck/ignore.d.server/amavisd-new
/etc/logcheck/ignore.d.server/anacron
/etc/logcheck/ignore.d.server/anon-proxy
/etc/logcheck/ignore.d.server/apache
/etc/logcheck/ignore.d.server/apcupsd
/etc/logcheck/ignore.d.server/arpwatch
/etc/logcheck/ignore.d.server/asterisk
/etc/logcheck/ignore.d.server/automount
/etc/logcheck/ignore.d.server/bind
/etc/logcheck/ignore.d.server/bluez-utils
/etc/logcheck/ignore.d.server/courier
/etc/logcheck/ignore.d.server/cpqarrayd
/etc/logcheck/ignore.d.server/cpufreqd
/etc/logcheck/ignore.d.server/cron
/etc/logcheck/ignore.d.server/cron-apt
/etc/logcheck/ignore.d.server/cups-lpd
/etc/logcheck/ignore.d.server/cvs-pserver
/etc/logcheck/ignore.d.server/cvsd
/etc/logcheck/ignore.d.server/cyrus
/etc/logcheck/ignore.d.server/dcc
/etc/logcheck/ignore.d.server/ddclient
/etc/logcheck/ignore.d.server/dhclient
/etc/logcheck/ignore.d.server/dhcp
/etc/logcheck/ignore.d.server/dictd
/etc/logcheck/ignore.d.server/dkfilter
/etc/logcheck/ignore.d.server/dnsmasq
/etc/logcheck/ignore.d.server/dovecot
/etc/logcheck/ignore.d.server/dropbear
/etc/logcheck/ignore.d.server/dspam
/etc/logcheck/ignore.d.server/epmd
/etc/logcheck/ignore.d.server/exim4
/etc/logcheck/ignore.d.server/fcron
/etc/logcheck/ignore.d.server/ftpd
/etc/logcheck/ignore.d.server/git-daemon
/etc/logcheck/ignore.d.server/gnu-imap4d
/etc/logcheck/ignore.d.server/gps
/etc/logcheck/ignore.d.server/grinch
/etc/logcheck/ignore.d.server/horde3
/etc/logcheck/ignore.d.server/hplip
/etc/logcheck/ignore.d.server/hylafax
/etc/logcheck/ignore.d.server/ikiwiki
/etc/logcheck/ignore.d.server/imap
/etc/logcheck/ignore.d.server/imapproxy
/etc/logcheck/ignore.d.server/imp
/etc/logcheck/ignore.d.server/imp4
/etc/logcheck/ignore.d.server/innd
/etc/logcheck/ignore.d.server/ipppd
/etc/logcheck/ignore.d.server/isdnlog
/etc/logcheck/ignore.d.server/isdnutils
/etc/logcheck/ignore.d.server/jabberd
/etc/logcheck/ignore.d.server/kernel
/etc/logcheck/ignore.d.server/klogind
/etc/logcheck/ignore.d.server/krb5-kdc
/etc/logcheck/ignore.d.server/libpam-krb5
/etc/logcheck/ignore.d.server/libpam-mount
/etc/logcheck/ignore.d.server/logcheck
/etc/logcheck/ignore.d.server/login
/etc/logcheck/ignore.d.server/maradns
/etc/logcheck/ignore.d.server/mldonkey-server
/etc/logcheck/ignore.d.server/mon
/etc/logcheck/ignore.d.server/mountd
/etc/logcheck/ignore.d.server/nagios
/etc/logcheck/ignore.d.server/netconsole
/etc/logcheck/ignore.d.server/nfs
/etc/logcheck/ignore.d.server/nntpcache
/etc/logcheck/ignore.d.server/nscd
/etc/logcheck/ignore.d.server/nslcd
/etc/logcheck/ignore.d.server/openvpn
/etc/logcheck/ignore.d.server/otrs
/etc/logcheck/ignore.d.server/passwd
/etc/logcheck/ignore.d.server/pdns
/etc/logcheck/ignore.d.server/perdition
/etc/logcheck/ignore.d.server/policyd
/etc/logcheck/ignore.d.server/popa3d
/etc/logcheck/ignore.d.server/postfix
/etc/logcheck/ignore.d.server/postfix-policyd
/etc/logcheck/ignore.d.server/ppp
/etc/logcheck/ignore.d.server/pptpd
/etc/logcheck/ignore.d.server/procmail
/etc/logcheck/ignore.d.server/proftpd
/etc/logcheck/ignore.d.server/pure-ftpd
/etc/logcheck/ignore.d.server/pureftp
/etc/logcheck/ignore.d.server/qpopper
/etc/logcheck/ignore.d.server/rbldnsd
/etc/logcheck/ignore.d.server/rpc_statd
/etc/logcheck/ignore.d.server/rsnapshot
/etc/logcheck/ignore.d.server/rsync
/etc/logcheck/ignore.d.server/sa-exim
/etc/logcheck/ignore.d.server/samba
/etc/logcheck/ignore.d.server/saned
/etc/logcheck/ignore.d.server/sasl2-bin
/etc/logcheck/ignore.d.server/saslauthd
/etc/logcheck/ignore.d.server/schroot
/etc/logcheck/ignore.d.server/scponly
/etc/logcheck/ignore.d.server/slapd
/etc/logcheck/ignore.d.server/smartd
/etc/logcheck/ignore.d.server/smbd_audit
/etc/logcheck/ignore.d.server/smokeping
/etc/logcheck/ignore.d.server/snmpd
/etc/logcheck/ignore.d.server/snort
/etc/logcheck/ignore.d.server/spamc
/etc/logcheck/ignore.d.server/spamd
/etc/logcheck/ignore.d.server/squid
/etc/logcheck/ignore.d.server/ssh
/etc/logcheck/ignore.d.server/stunnel
/etc/logcheck/ignore.d.server/su
/etc/logcheck/ignore.d.server/sudo
/etc/logcheck/ignore.d.server/sympa
/etc/logcheck/ignore.d.server/syslogd
/etc/logcheck/ignore.d.server/systemd
/etc/logcheck/ignore.d.server/systemd-timesyncd
/etc/logcheck/ignore.d.server/teapop
/etc/logcheck/ignore.d.server/telnetd
/etc/logcheck/ignore.d.server/tftpd
/etc/logcheck/ignore.d.server/thy
/etc/logcheck/ignore.d.server/ucd-snmp
/etc/logcheck/ignore.d.server/upsd
/etc/logcheck/ignore.d.server/uptimed
/etc/logcheck/ignore.d.server/userv
/etc/logcheck/ignore.d.server/vsftpd
/etc/logcheck/ignore.d.server/watchdog
/etc/logcheck/ignore.d.server/wu-ftpd
/etc/logcheck/ignore.d.server/xinetd
/etc/logcheck/ignore.d.workstation
/etc/logcheck/ignore.d.workstation/automount
/etc/logcheck/ignore.d.workstation/bind
/etc/logcheck/ignore.d.workstation/bluetooth-alsa
/etc/logcheck/ignore.d.workstation/bluez-utils
/etc/logcheck/ignore.d.workstation/bonobo
/etc/logcheck/ignore.d.workstation/dhcpcd
/etc/logcheck/ignore.d.workstation/francine
/etc/logcheck/ignore.d.workstation/gconf
/etc/logcheck/ignore.d.workstation/gdm
/etc/logcheck/ignore.d.workstation/hald
/etc/logcheck/ignore.d.workstation/hcid
/etc/logcheck/ignore.d.workstation/ifplugd
/etc/logcheck/ignore.d.workstation/ippl
/etc/logcheck/ignore.d.workstation/kdm
/etc/logcheck/ignore.d.workstation/kernel
/etc/logcheck/ignore.d.workstation/laptop-mode-tools
/etc/logcheck/ignore.d.workstation/libmtp-runtime
/etc/logcheck/ignore.d.workstation/libpam-gnome-keyring
/etc/logcheck/ignore.d.workstation/logcheck
/etc/logcheck/ignore.d.workstation/login
/etc/logcheck/ignore.d.workstation/net-acct
/etc/logcheck/ignore.d.workstation/nntpcache
/etc/logcheck/ignore.d.workstation/polypaudio
/etc/logcheck/ignore.d.workstation/postfix
/etc/logcheck/ignore.d.workstation/ppp
/etc/logcheck/ignore.d.workstation/proftpd
/etc/logcheck/ignore.d.workstation/pump
/etc/logcheck/ignore.d.workstation/sendfile
/etc/logcheck/ignore.d.workstation/slim
/etc/logcheck/ignore.d.workstation/squid
/etc/logcheck/ignore.d.workstation/udev
/etc/logcheck/ignore.d.workstation/wdm
/etc/logcheck/ignore.d.workstation/winbind
/etc/logcheck/ignore.d.workstation/wpasupplicant
/etc/logcheck/ignore.d.workstation/xdm
/etc/logcheck/ignore.d.workstation/xlockmore
/etc/logcheck/logcheck.conf
/etc/logcheck/logcheck.logfiles
/etc/logcheck/logcheck.logfiles.d
/etc/logcheck/violations.d
/etc/logcheck/violations.d/kernel
/etc/logcheck/violations.d/logcheck
/etc/logcheck/violations.d/smartd
/etc/logcheck/violations.d/su
/etc/logcheck/violations.d/sudo
/etc/logcheck/violations.ignore.d
/etc/logcheck/violations.ignore.d/logcheck-su
/etc/logcheck/violations.ignore.d/logcheck-sudo
/usr
/usr/bin
/usr/bin/logcheck-test
/usr/sbin
/usr/sbin/logcheck
/usr/sbin/logtail
/usr/sbin/logtail2
/usr/share
/usr/share/doc
/usr/share/doc/logcheck-1.3.18-r1
/usr/share/doc/logcheck-1.3.18-r1/AUTHORS.bz2
/usr/share/doc/logcheck-1.3.18-r1/CHANGES.bz2
/usr/share/doc/logcheck-1.3.18-r1/CREDITS.bz2
/usr/share/doc/logcheck-1.3.18-r1/README.Maintainer.bz2
/usr/share/doc/logcheck-1.3.18-r1/README.gentoo
/usr/share/doc/logcheck-1.3.18-r1/README.how.to.interpret.bz2
/usr/share/doc/logcheck-1.3.18-r1/README.keywords.bz2
/usr/share/doc/logcheck-1.3.18-r1/README.logcheck-database.bz2
/usr/share/doc/logcheck-1.3.18-r1/README.logcheck.bz2
/usr/share/doc/logcheck-1.3.18-r1/README.logtail.bz2
/usr/share/doc/logcheck-1.3.18-r1/TODO.bz2
/usr/share/logtail
/usr/share/logtail/detectrotate
/usr/share/logtail/detectrotate/10-savelog.dtr
/usr/share/logtail/detectrotate/20-logrotate.dtr
/usr/share/logtail/detectrotate/30-logrotate-dateext.dtr
/usr/share/man
/usr/share/man/man8
/usr/share/man/man8/logtail.8.bz2
/usr/share/man/man8/logtail2.8.bz2
/var
/var/lib
/var/lib/logcheck
/var/lib/logcheck/.keep_app-admin_logcheck-0
|
Quote: |
Pour les changements dans logcheck 1.3.20 regarde ici |
Merci. |
|
Back to top |
|
|
y351 Apprentice
Joined: 21 May 2017 Posts: 200
|
Posted: Wed Feb 26, 2020 2:44 pm Post subject: |
|
|
Message lié ?
Quote: | From: added by portage for logcheck <logcheck@localhost>
Subject: Logcheck: localhost 2020-02-26 15:02 +0100 exiting due to errors
Warning: If you are seeing this message, your log files may not have been
checked!
Details:
Could not run logtail or save output
Check temporary directory: /tmp/logcheck.QX0Awc
Also verify that the logcheck user can read all files referenced in
/etc/logcheck/logcheck.logfiles!
declare -x HOME="/tmp"
declare -x LANG="fr_FR.utf8"
declare -x LC_COLLATE="C"
declare -x LC_MESSAGES="en_US.UTF-8"
declare -x LOGNAME="logcheck"
declare -x MAILTO="root"
declare -x OLDPWD
declare -x PATH="/sbin:/bin:/usr/sbin:/usr/bin"
declare -x PWD="/tmp"
declare -x SHELL="/bin/sh"
declare -x SHLVL="2"
declare -x USER="logcheck" |
Code: | cat /etc/logcheck/logcheck.logfiles |
Quote: | /var/log/auth.log
/var/log/messages
/var/log/cron.log
/var/log/daemon.log
/var/log/debug.log
/var/log/kern.log
/var/log/user.log |
Quote: | -rw-r-----. 1 root logcheck system_u:object_r:var_log_t 17468 21 févr. 15:02 /var/log/auth.log
-rw-r-----. 1 root logcheck system_u:object_r:cron_log_t 283639 21 févr. 15:41 /var/log/cron.log
-rw-r-----. 1 root logcheck system_u:object_r:var_log_t 35544 21 févr. 15:33 /var/log/daemon.log
-rw-r-----. 1 root logcheck system_u:object_r:var_log_t 36094 21 févr. 10:27 /var/log/debug.log
-rw-r-----. 1 root logcheck system_u:object_r:var_log_t 446565 21 févr. 14:41 /var/log/kern.log
-rw-r-----. 1 root logcheck system_u:object_r:var_log_t 1346819591 21 févr. 15:41 /var/log/messages
-rw-r-----. 1 root logcheck system_u:object_r:var_log_t 33352 21 févr. 14:41 /var/log/user.log
|
Code: | cat /var/log/cron.log |egrep 'Permission denied' |
Quote: |
(CRON) This directory or file can't be watched (/var/spool/cron/crontabs): Permission denied
(CRON) This directory or file can't be watched (/etc/cron.d): Permission denied
(CRON) This directory or file can't be watched (/etc/crontab): Permission denied |
Quote: | drwxr-xr-x. 1 root root system_u:object_r:system_cron_spool_t 144 30 janv. 18:42 /etc/cron.d
-rw-r--r--. 1 root root system_u:object_r:system_cron_spool_t 476 12 nov. 15:14 /etc/crontab
drwx-wx--T. 1 root crontab system_u:object_r:cron_spool_t 52 12 nov. 15:14 /var/spool/cron/crontabs |
Code: | su -s /bin/bash -c "/usr/sbin/logcheck -d" logcheck |
Quote: |
D: [1582297218] Turning debug mode on
D: [1582297218] Sourcing - /etc/logcheck/logcheck.conf
D: [1582297218] Finished getopts c:dhH:l:L:m:opr:RsS:tTuvw
D: [1582297218] Trying to get lockfile: /run/lock/logcheck/logcheck.lock
D: [1582297218] Running lockfile-touch /run/lock/logcheck/logcheck.lock
D: [1582297218] cleanrules: /etc/logcheck/cracking.d/kernel
D: [1582297218] cleanrules: /etc/logcheck/cracking.d/rlogind
D: [1582297218] cleanrules: /etc/logcheck/cracking.d/rsh
D: [1582297218] cleanrules: /etc/logcheck/cracking.d/smartd
D: [1582297218] cleanrules: /etc/logcheck/cracking.d/tftpd
D: [1582297218] cleanrules: /etc/logcheck/cracking.d/uucico
D: [1582297218] cleanrules: /etc/logcheck/violations.d/kernel
D: [1582297218] cleanrules: /etc/logcheck/violations.d/logcheck
D: [1582297218] cleanrules: /etc/logcheck/violations.d/smartd
D: [1582297218] cleanrules: /etc/logcheck/violations.d/su
D: [1582297218] cleanrules: /etc/logcheck/violations.d/sudo
D: [1582297218] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-su
D: [1582297218] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sudo
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/acpid
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/amandad
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/amavisd-new
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/anacron
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/anon-proxy
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/apache
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/apcupsd
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/arpwatch
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/asterisk
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/automount
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/bind
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/bluez-utils
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/courier
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/cpqarrayd
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/cpufreqd
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/cron
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/cron-apt
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/cups-lpd
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/cvs-pserver
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/cvsd
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/cyrus
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/dcc
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/ddclient
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/dhclient
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/dhcp
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/dictd
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/dkfilter
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/dnsmasq
D: [1582297218] cleanrules: /etc/logcheck/ignore.d.server/dovecot
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/dropbear
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/dspam
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/epmd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/exim4
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/fcron
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/ftpd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/git-daemon
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/gnu-imap4d
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/gps
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/grinch
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/horde3
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/hplip
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/hylafax
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/ikiwiki
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/imap
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/imapproxy
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/imp
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/imp4
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/innd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/ipppd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/isdnlog
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/isdnutils
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/jabberd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/kernel
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/klogind
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/krb5-kdc
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/libpam-krb5
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/libpam-mount
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/logcheck
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/login
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/maradns
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/mldonkey-server
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/mon
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/mountd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/nagios
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/netconsole
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/nfs
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/nntpcache
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/nscd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/nslcd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/openvpn
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/otrs
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/passwd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/pdns
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/perdition
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/policyd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/popa3d
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/postfix
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/postfix-policyd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/ppp
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/pptpd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/procmail
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/proftpd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/pure-ftpd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/pureftp
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/qpopper
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/rbldnsd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/rpc_statd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/rsnapshot
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/rsync
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/sa-exim
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/samba
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/saned
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/sasl2-bin
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/saslauthd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/schroot
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/scponly
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/slapd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/smartd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/smbd_audit
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/smokeping
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/snmpd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/snort
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/spamc
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/spamd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/squid
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/ssh
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/stunnel
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/su
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/sudo
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/sympa
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/syslogd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/systemd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/systemd-timesyncd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/teapop
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/telnetd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/tftpd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/thy
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/ucd-snmp
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/upsd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/uptimed
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/userv
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/vsftpd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/watchdog
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/wu-ftpd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.server/xinetd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/bind
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/cron
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/incron
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/logcheck
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/postfix
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/ppp
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/pureftp
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/qpopper
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/squid
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/ssh
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/stunnel
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/sysklogd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/telnetd
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/tripwire
D: [1582297219] cleanrules: /etc/logcheck/ignore.d.paranoid/usb
D: [1582297219] logoutput called with file: /var/log/auth.log
D: [1582297219] Running /usr/sbin/logtail2 on /var/log/auth.log
D: [1582297219] logoutput called with file: /var/log/messages
D: [1582297219] Running /usr/sbin/logtail2 on /var/log/messages
D: [1582297245] logoutput called with file: /var/log/cron.log
D: [1582297245] Running /usr/sbin/logtail2 on /var/log/cron.log
D: [1582297245] logoutput called with file: /var/log/daemon.log
D: [1582297245] Running /usr/sbin/logtail2 on /var/log/daemon.log
D: [1582297245] logoutput called with file: /var/log/debug.log
D: [1582297245] Running /usr/sbin/logtail2 on /var/log/debug.log
D: [1582297245] logoutput called with file: /var/log/kern.log
D: [1582297245] Running /usr/sbin/logtail2 on /var/log/kern.log
D: [1582297245] logoutput called with file: /var/log/user.log
D: [1582297245] Running /usr/sbin/logtail2 on /var/log/user.log
D: [1582297245] Sorting logs
D: [1582297283] Setting the Intro
D: [1582297283] Checking for security alerts
D: [1582297283] greplogoutput: kernel
D: [1582297284] greplogoutput: rlogind
D: [1582297285] greplogoutput: rsh
D: [1582297286] greplogoutput: smartd
D: [1582297287] greplogoutput: tftpd
D: [1582297288] greplogoutput: uucico
D: [1582297289] greplogoutput: returning 1
D: [1582297289] Checking for security events
D: [1582297289] greplogoutput: kernel
D: [1582297290] greplogoutput: logcheck
D: [1582297290] greplogoutput: smartd
D: [1582297290] greplogoutput: su
D: [1582297290] greplogoutput: Entries in checked
D: [1582297290] cleanchecked - file: /tmp/logcheck.EcXEoe/violations-ignore/logcheck-su
D: [1582297291] greplogoutput: sudo
D: [1582297291] greplogoutput: Entries in checked
D: [1582297291] cleanchecked - file: /tmp/logcheck.EcXEoe/violations-ignore/logcheck-sudo
D: [1582297291] report: cat'ing - Security Events for sudo
D: [1582297291] greplogoutput: returning 0
D: [1582297291] Checking for system events
D: [1582297292] cleanchecked - dir - /tmp/logcheck.EcXEoe/ignore
D: [1582297292] cleanchecked - dir - /tmp/logcheck.EcXEoe/ignore/acpid
cat: write error: No space left on device
D: [1582297292] error: Killing lockfile-touch - 25887
D: [1582297292] error: Removing lockfile: /run/lock/logcheck/logcheck.lock
D: [1582297292] Error: Could not output to TMPDIR/checked.1.
/usr/sbin/logcheck: line 164: cannot create temp file for here-document: No space left on device
D: [1582297292] cleanup: Removing - /tmp/logcheck.EcXEoe |
Il n'y a pas de problème d'espace. |
|
Back to top |
|
|
sebB l33t
Joined: 02 Mar 2011 Posts: 806 Location: S.O. France
|
Posted: Wed Feb 26, 2020 6:40 pm Post subject: |
|
|
D'après l'ebuild, l'utilisateur et le groupe logcheck auraient du être créé.
Code: | pkg_setup() {
enewgroup logcheck
enewuser logcheck -1 -1 -1 logcheck
} |
Or ce n'est pas le cas chez toi. Peut-être à cause de selinux.
cat /etc/passwd pour vérifier.
Faudrait savoir qui essait de créer quoi. logcheck ou root?
Si tu demande a l'utilisateur logcheck de créer des dossiers, de surveiller des fichiers alors qu'il n'existe pas, ça va être compliqué. |
|
Back to top |
|
|
y351 Apprentice
Joined: 21 May 2017 Posts: 200
|
Posted: Thu Feb 27, 2020 11:33 am Post subject: |
|
|
sebB wrote: |
Or ce n'est pas le cas chez toi. Peut-être à cause de selinux.
cat /etc/passwd pour vérifier. |
Code: | egrep logcheck /etc/passwd /etc/group |
Quote: | logcheck:x:109:998:added by portage for logcheck:/dev/null:/sbin/nologin
logcheck:x:998: |
J'ai finalement résolu certains soucis :
Quote: |
I've solved some alertes with SELinux :
allow system_cronjob_t var_lock_t:dir create;
allow system_cronjob_t var_lib_t:file { read write open };
allow system_cronjob_t var_lock_t:dir setattr;
allow system_cronjob_t self:cap_userns sys_ptrace;
allow system_cronjob_t self:capability sys_ptrace;
But, it seems that this one has nothing with SELinux :
From: "(Cron Daemon)" <logcheck@localhost>
Subject: Cron <logcheck@localhost> if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck -R; fi
mkdir: cannot create directory ‘/run/lock/logcheck’: Permission denied
ll /var/lock/
drwxr-xr-x. 2 logcheck logcheck 40 27 févr. 12:02 logcheck
drwx------. 2 root root 40 27 févr. 10:34 lvm
ll /var/lock/ -dZ
drwxrwxr-x. 4 root uucp system_u:object_r:var_lock_t 80 27 févr. 11:01 /var/lock/
ll /var/lock
lrwxrwxrwx. 1 root root 9 13 juin 2018 /var/lock -> /run/lock
ll /run/lock/ -dZ
drwxrwxr-x. 4 root uucp system_u:object_r:var_lock_t 80 27 févr. 11:01 /run/lock/
/run is mounted in tmpfs filsystem. |
|
|
Back to top |
|
|
|