On Tue, 14 Mar 2023 10:19:19 -0400 Simon Deziel wrote:
> On 2023-03-14 08:49, Richard Lewis wrote:
> > On Mon, 13 Mar 2023, 12:36 Simon Deziel, wrote:
> >
> >> egrep still consumes a lot of memory for me. A workaround I've been
> >> using is to add th
On Thu, 16 Jun 2011 16:38:49 +0200 Nenad Cimerman
wrote:
TLDR: some time in the last 15 years, this bug against logcheck has
been fixed, as far as i can tell
> My system is setup with non-POSIX default locale (see below), using UTF-8
> character encoding.
> This leads to many lines inside
On Sun, 19 May 2024 at 05:06, Stefanos Harhalakis wrote:
> See attached patch for matching NVMe devices too in smartd logs
Thanks - yes i'd noticed that the rules for smartd need an update and
this is on the radar - however, the
update to the names of the .state files i was not aware of!
I
On Sat, 18 May 2024 at 08:39, Shai Berger wrote:
> This morning, when chkrootkit made its daily run, I had
> in /tmp a file named: 'חברת חשמל לישראל בע"מ - חשבון דו חודשי.pdf'
> (the single quote marks on the edges are not part of the name, but
> the double quote mark in the middle is)
>
> This
On Sun, 4 May 2014 22:33:23 +1000 Scott Leggett wrote:
> I just spent half an hour figuring out how to get window titles to
> reflect my session in byobu.. and I find the exact patch required is
> already here (thanks Josh).
>
> I guess this is just a +1 for patching skel.bashrc so that ssh-ing
On Fri, 06 May 2011 11:32:03 -0700 Gerald Turner wrote:
> Hello, I've seen some legitimate mails with unusual Message-Id headers
> that cause logchecks dovecot delivery rule to be bypassed.
>
> Example: … sieve: msgid=<20110422T2108.GA.(stdi.s...@fsing.rootsland.net>:
> stored mail into mailbox
On Sun, 12 May 2024 at 19:57, Marc Haber wrote:
>
> On Sun, May 12, 2024 at 06:54:59PM +0100, R Lewis wrote:
> > On Wed, 16 Jul 2008 23:15:51 +0200 Marc Haber
> > wrote:
> >
> > > It would help with debugging to have an option that causes logcheck to
> > > always look through the entire log
control: tags -1 + moreinfo
thanks
On Wed, 25 Nov 2020 13:13:14 +0500 Alex Volkov wrote:
> IDK how it was in 2006 when this stupid decision was made, but nowadays
> `smartd` has all the needed filtering features in itself, in a case someone
> gets "annoyed" by attribute changes. Yeah, sure, it
control: tags -1 moreinfo
control: severity -1 wishlist
thanks
On Mon, 15 May 2017 10:42:03 +0200
> I am very happy with logcheck. It is great working and very usefull. However,
> it would be nice, if you could add a ruleset for suricata (a successor to the
> well known snort IDS), so I get
On Tue, 14 Jan 2014 13:33:25 +0100 Arne Wichmann wrote:
> There is one thing I would like to have in logcheck for quite a long time
> already:
>
> Invent a mechanism by which a pattern is only mailed (or not mailed) if
> another pattern was seen a given time before it (or also possibly after
>
On Sun, 20 Jan 2019 15:50:55 +0530 Charles Atkinson
wrote:
> Please consider introducing wildcards into the paths in the .logfiles
> configuration files. Perhaps similar to the way they are used in logrotate's
> paths.
> A use case is when using logcheck to check logs from multiple
> This bug is nearly 20 years old. (It is a shame no-one replied - the links
> no longer work and there is not enough info recorded to action)
>
> Unless anyone is watching and can proivde more info about what the issue
> is/was then i suggest we close it.
A year later: closing.
logcheck can
On Mon, 24 Aug 2009 08:36:21 -0400
=?iso-8859-1?B?RnLpZOlyaWMgQnJp6HJl?= wrote:
> On Thu, Mar 31, 2005 at 09:54:34AM -0500, Marc Sherman wrote:
> > I reported a bug on a couple clamav packages (302253, 302254) which
> > noted that in Sarge, logcheck files are supposed to be root:logcheck
> > 640,
On Wed, 16 Aug 2006 05:33:26 -0500 bingo wrote:
> It would be good if logtail supports locking.
I think we need some more information if this bug is to be action-ed.
logcheck uses logtail2 now (and syslog is not the default):so perhaps
it is not relevant after nearly 20 years (there were other
On Mon, 2 Jun 2014 10:25:40 -0700 (PDT) Chris Stromsoe wrote:
> logtail2 does not do any sanity checking on the final line of input to
> make sure that it is complete and "\n" terminated. If syslog is not set
> to flush on every write, it's possible for consecutive runs of logcheck to
> get a
On Fri, 14 Mar 2008 21:50:17 -0400 =?utf-8?b?RnLDqWTDqXJpYyBCcmnDqHJl?= <
> When testing a checked-out copy of the rulefiles against an old log copy
> and sending the output to stdout, I still have to use sudo because
> logcheck insists on creating a lockfile. It'd be nice to provide an
> option
On Sat, 16 May 2020 17:12:42 -0700 Wade Richards wrote:
> This is regarding Debian bug #47608 "wrong charset in logcheck mail
> (charset=unknown-8bit)"
>
>
> The maintainer has closed this bug as 'wontfix', but if an end-user is
> looking for a work-around, you can add the following to your
>
On Sat, 18 Mar 2023 18:55:25 + Richard Lewis
wrote:
> On Sat, 18 Mar 2023, 15:12 Holger Levsen, wrote:
>
> > On Thu, Mar 16, 2023 at 06:00:06PM +, Holger Levsen wrote:
> > > aaah, thanks! I only checked
> > /usr/share/doc/logcheck/NEWS.Debian.gz
&
On Fri, 28 May 2010 19:04:17 +0200 Holger Levsen wrote:
> I often add logcheck ignore rules for security related events (like ssh login
> attemps. etc), cause they are too many and login is protected reasonably
> anyway.
>
> But then I would like to get summaries for some ignored patterns,
On Fri, 3 May 2024, 12:44 Francesco Potortì, wrote:
>
> > One cure would be to have logcheck ignore user-level messages, and only
> care about system-level ones. Is that possible?
> >
> >maybe it is possible - how do you define "system-level message"?
>
> Those created by root-owned processes,
control: close 1070436
thanks
On Sun, 5 May 2024, 19:10 Jochen Sprickerhof, wrote:
> Hi Richard,
>
> * Richard Lewis [2024-05-05 11:32]:
> >If i try and run tests that use 'unshare --net' with a
> >schroot backend they fail inside autopkgtest even though
> >this work
Package: autopkgtest
Version: 5.28
Severity: normal
X-Debbugs-Cc: richard.lewis.deb...@googlemail.com
Dear Maintainer,
If i try and run tests that use 'unshare --net' with a
schroot backend they fail inside autopkgtest even though
this works in the schroot being used.
This works fine in a
control: reassign -1 logcheck-database
thanks
(this is mostly about logcheck-database)
On Fri, 3 May 2024, 09:39 Francesco Potortì, wrote:
>
>
> Starting maybe a couple years ago, logcheck spits an amount of stuff that
> has now become unamnageable.
logcheck-database was mostly dormant sround
On Thu, 2 May 2024, 03:45 Vincent Lefevre, wrote:
> On 2024-05-01 19:05:06 +0100, Richard Lewis wrote:
> > I agree that you should be able to filter out duplicate lines. And i
> think
> > this is possible with a custom filter.
>
> Yes, but "sed" may not b
lOn Mon, 29 Apr 2024, 14:19 Helge Kreutzmann, wrote:
> Am Sat, Apr 27, 2024 at 07:11:40PM +0100 schrieb Richard Lewis:
> > On Sun, 17 Jul 2022 17:28:11 +0100 Richard Lewis
> > wrote:
>
> > Hi Helge. Apologies no-one has replied to this bug report for 2 years
> &g
On Wed, 1 May 2024, 00:57 Vincent Lefevre, wrote:
> On 2024-05-01 01:29:10 +0200, Vincent Lefevre wrote:
> > For instance, /var/log/chkrootkit/log.expected contains
> >
> > WARNING: Output from ifpromisc:
> > lo: not promisc and no packet sniffer sockets
> > : PACKET
>
On Sat, 03 Feb 2007 10:29:38 +0100 Jonas Koelker wrote:
> I (think I) want to see how many times the messages I care about are
> repeated. This means I can't ignore "last line repeated $n times"
> messages (obviously). But since those can also occur after messages
> that are ignored, I can't
On Tue, 16 Oct 2012 03:14:20 +0200 Sebastian Steinhuber
wrote:
> Dear Maintainer,
> to drop (slightly boring) messages from the package rrdcached of the
> form:
> Oct 15 22:59:29 dds rrdcached[12045]: flushing old values
>
> I added a file named ignore.d.server/rrdcached, containing the line:
>
On Fri, 14 Sep 2007 14:06:58 +0200 martin f krafft wrote:
> also sprach Alex Prinsier [2007.09.14.1344
> +0200]:
> > Please copy over the filters from cyrus-imapd-2.2. I'm running
> > logcheck on a loghost, which doesn't run cyrus itself. There might
> > be a better alternative to copying the
Closing this bug from 2010 (14 years ago!) -- the then-maintainer
found that most of the suggestions were either already present or
should not actually be added, for various reasons.
A requested was made to resubmit as more independent bugs - if that
was done, we dont need this bug, and if not
package: logcheck-database
# think it's reasonable to add rkhunter rules - although the ones in
this bug need updates
severity 511483 normal
tags 511481 - wontfix
On Tue, 10 Aug 2010 10:28:54 +1000 Nemo wrote:
> > ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+
> > transmission-daemon\[[[:digit:]]+\]: Saved
> > "/var/lib/transmission-daemon/info/.*" \(bencode.c:1651\)$
> > ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ transmission-daemon\[[0-9]+\]: .* DHT
> > announce
On Sun, 17 Jul 2022 17:28:11 +0100 Richard Lewis
wrote:
> > The pattern for rsyslogd can be improved. Please add the following
> > line:
> >
> > imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' \(fd 3\) from
> > systemd. \[v8.2206.0\]
> >
>
On Tue, 16 Jun 2009 11:27:57 -0700 Russ Allbery wrote:
> chrysn writes:
> touch /etc/default/locale will also make these go away with no behavior
> changes. In my experience, it happens on systems upgraded from older
> versions of Debian but not with new installs. I think this is more a
> bug
On Tue, 18 Aug 2009 20:24:31 -0400
=?iso-8859-1?B?RnLpZOlyaWMgQnJp6HJl?= wrote:
> On Fri, Jan 02, 2009 at 10:21:51AM +0100, Jan Evert van Grootheest wrote:
> > Package: logcheck-database
> > Version: 1.2.68
> >
> > It has now started to spam the logs with lots of
> > Jan 2 09:22:57 sisko
On Mon, 02 Aug 2010 10:29:03 +0200 Hannes von Haugwitz
wrote:
> > ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ rsyslogd: \[origin
> > software="rsyslogd" swVersion="3.18.6" x-pid="[[:digit:]]+"
> > x-info="http://www.rsyslog.com"\] restart$
>
> Daemon restart messages are willingly not included in
On Tue, 23 Apr 2024, 00:12 Thorsten Glaser, wrote:
> P: openjdk-8-doc: debian-changelog-line-too-short CVEs
> [usr/share/doc/openjdk-8-doc/changelog.Debian.gz:4]
>
> The changelog in question is:
>
> * New upstream release
> * CVEs
> - CVE-2024-21011
> - CVE-2024-21085
> -
On Thu, 18 Apr 2024, 23:18 Santiago Vila, wrote:
> El 18/4/24 a las 22:17, Richard Lewis escribió:
> >>> '^[a-zA-Z0-9_][a-zA-Z0-9._-]*\.sh$'
> >>
> >> Hi. I confirm that this is appropriate for what we distribute:
> >
> > What about local sc
> >'^[a-zA-Z0-9_][a-zA-Z0-9._-]*\.sh$'
>
> Hi. I confirm that this is appropriate for what we distribute:
What about local scripts added by users (which this change might
prevent loading): perhaps a NEWS.Debian entry would suffice?
On Fri, 12 Apr 2024, 19:00 Johannes Schauer Marin Rodrigues, <
jo...@debian.org> wrote:
> Hi Francesco,
>
> Quoting Francesco Poli (wintermute) (2024-04-11 00:13:51)
> >
> > sbuild --dist unstable --purge-build=never --purge-deps=never
> --chroot-mode=autopkgtest --autopkgtest-virt-server=qemu
On Wed, 28 Feb 2024 18:37:41 +0100 Michael Biebl wrote:
> On Fri, 17 Nov 2023 14:40:05 +0100 Christoph Anton Mitterer
> wrote:
> > Package: systemd
> > Version: 255~rc2-1
> > Because of #1056135 I was downgradin systemd/udev packages to 254.5-1.
> > While apt was still running, this causes the
On Mon, 26 Feb 2024, 13:03 Michael Biebl, wrote:
> Hi
>
> On Thu, 22 Feb 2024 19:01:05 +0000 Richard Lewis
> wrote:
> > On Thu, 22 Feb 2024, 10:15 Ralf Schlatterbeck, wrote:
> >
> > > On Wed, Feb 21, 2024 at 02:52:33PM +0100, Ralf Schlatterbeck wrote:
&g
On Thu, 22 Feb 2024, 10:15 Ralf Schlatterbeck, wrote:
> On Wed, Feb 21, 2024 at 02:52:33PM +0100, Ralf Schlatterbeck wrote:
> >
> > I forgot to mention:
> > There is an upstream (rsyslog) bug-report at
> > https://github.com/rsyslog/rsyslog/issues/5332
>
> Upstream has decided that it is not a
On Sun, 31 Dec 2023 at 17:30, Franck Richter wrote:
> Currently chkrootkit-daily send me emails even if I ignore all false
> positives using chkrootkit.ignore.
> Because chkrootkit outputs empty lines that cannot be excluded via
> chkrootkit.ignore.
I havn't checked this, but: i think you
On Sun, 3 Dec 2023 00:06:23 +0100 =?UTF-8?B?UHJldcOfZSwgSGlsbWFy?=
wrote:
> On 02.12.2023 08:30, Johannes Schauer Marin Rodrigues wrote:
> > Quoting Hilmar Preusse (2023-12-01 23:10:36)
>
> Hi,
>
> >> I run sbuild as following:
> >>
> >> sbuild --no-run-lintian --arch-all --dist=sid *.dsc -d
>
control: close -1
thanks
On Tue, 19 Dec 2023, 08:39 Stefano Callegari,
wrote:
>
>
> > The logs lines there are, but after the header I see many blank lines: I
> > use mutt in a full screen console (more than 50 lines) and I need to
> press
> > page down for 16 times before reach the first line
On Sun, 17 Dec 2023 at 19:03, Stefano Callegari
wrote:
> Il Fri, Dec 15, 2023 at 11:31:18PM +0000, Richard Lewis scrisse:
> > On Fri, 15 Dec 2023 at 16:06, Stefano Callegari
> > wrote:
> >
> > > from few days the email from cron are empty, there is only the heade
On Fri, 15 Dec 2023 at 16:06, Stefano Callegari
wrote:
> from few days the email from cron are empty, there is only the header.txt.
> /etc/logcheck <-bash> # su -s /bin/bash -c "/usr/sbin/logcheck -l
> /var/log/syslog" logcheck
>
> the email has the log lines. Without the -l option, still
On Thu, 7 Dec 2023 22:05:29 +1300 Vladimir Petko
wrote:
> As of today there are more test failures:
> Test Summary Report
> ---
> debian/test-out/eval/checks/documentation/manual/manpage-errors-from-man/generic.t
>
On Wed, 6 Dec 2023, 04:41 Jörg Frings-Fürst, wrote:
> Hello Francois,
>
> I did not search for Vulnerabilities. However, I am of the opinion that
> using
> rkhunter in its current form is equivalent to using a 6 year old virus
> scanner
> and therefore involves an increased security risk.
>
i
On Fri, 1 Dec 2023, 22:15 Hilmar Preusse, wrote:
>
> 2023-12-01T09:36:52.230653+01:00 haka2 schroot[3182]: [unstable-
> amd64-sbuild-327cf8c2-30d1-4469-aa7b-9bc3653dbc45 chroot] (root->root)
> Running
> command: "perl -e #012use strict;#012
>use warnings;#012use POSIX;#012
>
>
Package: release-notes
tags: trixie
X-Debbugs-No-Ack: yes
Per https://lists.debian.org/debian-devel-announce/2023/11/msg5.html
mips64el is marked as out-of-sync and may not release with trixie.
If so, we will need something in release-notes about architectures
being removed.
Or maybe both
On Sat, 06 Oct 2018 01:11:00 + Chris Knadle
wrote:
> I was investigating this orphaned package in relation to it being a dependency
> for Logcheck, and unfortunately the inactive maintainer is also the upstream
> author of mime-construct which was last updated 2010-06-23. That can be seen
>
On Thu, 17 Aug 2023 13:01:43 +0200 Philipp Huebner
wrote:
> FWIW, I can reproduce and thus confirm this.
This issue - that the error code is 2 when --show-overrides is used and 0
otherwise is also reproduced in
:
>
> Hi Richard,
>
> Чт 19 окт 2023 @ 22:42 Richard Lewis :
>
> > On Mon, 16 Oct 2023 at 09:00, Lev Lamberov wrote:
> >> Вс 15 окт 2023 @ 19:37 Richard Lewis :
> >> > On Mon, 05 Sep 2022 19:44:27 -0300 David Bremner
> >> > wrote:
> &
On Mon, 16 Oct 2023 at 09:00, Lev Lamberov wrote:
> Вс 15 окт 2023 @ 19:37 Richard Lewis :
> > On Mon, 05 Sep 2022 19:44:27 -0300 David Bremner wrote:
> >> Lev Lamberov writes:
> > I also see this bug in bookwork: dh-make-elpa doesnt work at all
> > unless D
On Mon, 05 Sep 2022 19:44:27 -0300 David Bremner wrote:
> Lev Lamberov writes:
>
> yes I did cd (just did again to double check). I don't have DEBFULLNAME
> set, maybe that makes a difference.
I also see this bug in bookwork: dh-make-elpa doesnt work at all
unless DEBFULLNAME (and maybe
Thanks - i really like the idea to checking whether results are from
Debian packages as that is the first thing a user will want to know. I
doubt upstream would include such a patch, but debian has already made
huge changes to the output.
There is no concept of 'INFO' or 'lowering' of messages in
On Fri, 13 Oct 2023 at 20:27, Michael Biebl wrote:
> It turns out that `PrivateTmp=yes` breaks the logcheck autopkgtest.
i think the test tells rsyslog to write to /tmp and then calls
logcheck on the output outside the unit. But the PrivateTmp=true means
rsyslog is actually writing to
On Mon, 9 Oct 2023, 04:09 Kevin Otte, wrote:
> I wrote a patch to address #1026379 that I feel would be appropriate
> here too. As I noted there, using tput for detection basically means
> having ncurses-bin as a Recommends, so we may want a better way of doing
> this detection.
>
is it more
On Mon, 7 Aug 2023 01:19:38 +0200 Guillem Jover wrote:
> On Fri, 2023-08-04 at 23:35:27 -0300, David da Silva Polverari wrote:
> > When using https://udd.debian.org/patches.cgi, I notice that whenever
> > the Forwarded field contains anything other than "no", "not-needed",
> > "yes" or an URL,
On Thu, 14 Sep 2023, 06:00 Francois Marier, wrote:
> On 2023-09-13 at 14:15:53, Moritz Mühlenhoff (j...@inutil.org) wrote:
> > https://gist.github.com/MatheuZSecurity/16ef0219db8f85f49f945a25d5eb42d7
>
> My summary of this is: it's possible to figure out what files/ports/etc.
> rkhunter is
On Tue, 15 Aug 2023 19:54:26 +0200 Santiago Vila wrote:
> In preinst, do something like this:
>
> if upgrading-from-previous-version-whatever-is-coded
>if [ ! -f /etc/logcheck/header.txt ]; then
> touch /etc/logcheck.header.was.removed.txt
>fi
> fi
>
> Then in postinst, do something
On Thu, 17 Aug 2023, 20:57 Nicholas D Steeves, wrote:
> Richard Lewis wrote:
> > David Bremner wrote:
> > > Richard Lewis writes:
> > > > David Bremner wrote:
>
>
> > What happens in the 'apt upgrade' is:
> >
> > the old emacsen-common
On Tue, 15 Aug 2023 at 12:51, Santiago Vila wrote:
> On a Debian system with ansible and chkrootkit installed,
> chkrootkit warns that ansible has possibly the Adore Worm.
> WARNING: Possible Adore Worm installed:
>
/usr/lib/python3/dist-packages/ansible_collections/cyberark/conjur/dev/start.sh
On Tue, 15 Aug 2023, 13:15 Santiago Vila, wrote:
>
> On a Debian 11 system where logcheck is installed, removing
> /etc/logcheck/header.txt and then upgrading to Debian 12
> makes such file to reappear again.
>
>
>
thanks - i agree this is a bug and a patch to fix it would be great :)
In the
Holger Wansing writes:
> Justin B Rye wrote (Fri, 28 Jul 2023 10:04:09
> +0100):
>> Holger Wansing wrote:
>> > Thorsten Glaser :
>> >> Could this information (valid unit sufficēs) be added to the dialogue
>> >> where the size is entered? Screen space should suffice.
>> [...]
>> > CC'ing
On Fri, 11 Aug 2023 01:11:49 +0100 Andrei Coada
wrote:
> Hi Team,
>
> This is getting pretty annoying, a 9 years old inconvenience, especially
> now that Debian 12 does not even have a syslog service installed by
default.
> Fail2ban fails to start right after its installation.
did you read the
control: tags -1 + patch
thanks
On Sun, 6 Aug 2023 at 17:15, Richard Lewis
wrote:
> On Sun, 19 Sep 2021 22:41:24 +0100 Richard Lewis
> wrote:
>
> > giving two arguments including one that is not a package shows there is a
> > syntax error somewhere around line 378:
> &
On Sun, 16 Jul 2023 10:37:15 +0100 Richard Lewis
wrote:
> When loading nokogiri, with 'ruby -w' i get a warning
> /usr/lib/x86_64-linux-gnu/rubygems-integration/3.1.0/gems/nokogiri-1.13.10/lib/nokogiri/version/info.rb:85:
> warning: possibly useless use of a variable in voi
On Sun, 19 Sep 2021 22:41:24 +0100 Richard Lewis
wrote:
> giving two arguments including one that is not a package shows there is a
> syntax error somewhere around line 378:
>
> $ apt-show-versions apt whatever
> apt:amd64/bullseye 2.2.4 uptodate
> Use of uniniti
On Tue, 10 Sep 2019 17:15:45 +0200 Benoit Friry wrote:
> I did migrate "all in /usr" with usrmerge package.
> After the migration, all my files are in /usr, and there are links from
> /lib to /usr/lib, /bin to /usr/bin and /sbin to /usr/sbin.
>
> lin001w reports files found through links in root
On Wed, 12 Jul 2023 at 12:20, Mathias Gibbens wrote:
>
> Andreas, thanks for the report, and Richard, thanks for your work as
> well. I think the changes look good, and if there's no other concerns
> I'll merge the salsa MR, and upload a new version to unstable. Once
> that's done, I'll also
On Mon, 24 Jul 2023, 11:35 David Bremner, wrote:
> Richard Lewis writes:
> > On Sun, 23 Jul 2023, 12:34 David Bremner, wrote:
> >
>
> As far as the actual bug with failing to clean up, I ran
>
> % systemd-nspawn --machine bullseye /usr/lib/dh-elpa/helper
Holger Wansing writes:
> Richard Lewis wrote (Sun, 30 Jul 2023
> 11:10:10 +0100):
>> in [0] the '#' is meant to indicate 'run this as root', but the rst has
>> '.. code-block:: shell' so the commands are being formatted as a
>> comment.
>
> Yes, there are differen
Holger Wansing writes:
> Tests were successful, the results can be found on
> https://people.debian.org/~holgerw/release-notes_sphinx/www.debian.org/,
> in the exact same structure as they would appear on the Debian
> website.
nice - it looks like it's come on a long way from the previous
On Mon, 24 Jul 2023, 12:33 Thomas Parmelan,
wrote:
> Le vendredi 21 juillet 2023 à 23:32, d'après
>
>
> > (or stop using rsyslog entirely).
>
> I quite like my old habits wrt to /var/log/* :p
>
> But I now understand that all that is logged via rsyslog comes from
> systemd-journald anyway, so
On Thu, 27 Jul 2023, 10:15 phep, wrote:
>
> the -L option does not overrules anymore the default
> logfiles list as stated in the manpage, it now extends it.
>
true - we should perhaps clarify the documentation to make this clearer
> We are impacted here since in addition to logcheck standard
On Sun, 23 Jul 2023, 12:34 David Bremner, wrote:
> Richard Lewis writes:
>
> > I suspect a plain chroot isnt 'enough', i had success with
> systemd-nspawn:
> >
> > ln -s /tmp/bullseye/ /var/lib/machines
> >
> > # im sure there is a better way than these tw
On Sun, 23 Jul 2023, 11:19 David Bremner, wrote:
> Richard Lewis writes:
>
> > I suspect a plain chroot isnt 'enough', i had success with
> systemd-nspawn:
> >
>
> Not sure what you mean here. The reproducer using chroot you posted
> works fine for me, it's
On Sat, 22 Jul 2023 at 15:48, james.bottom...@hansenpartnership.com
wrote:
> The systemd chkrootkit.timer has this line:
>
> OnBootSec=30min
>
> Which means it runs 30 minutes after a reboot. I tend to upgrade my servers
> in the early morning, which means it's still running when people start
I suspect a plain chroot isnt 'enough', i had success with systemd-nspawn:
ln -s /tmp/bullseye/ /var/lib/machines
# im sure there is a better way than these two lines
cp /etc/passwd bullseye/etc/passwd
cp /etc/shadow bullseye/etc/shadow
systemd-nspawn --ephemeral --boot --machine bullseye
#
An attempt to reproduce - partially successful, maybe reveals deeper issues!
su -
mkdir /tmp/bullseye
cd /tmp/bullseye
debootstrap bullseye . https://deb.debian.org/debian
chroot . apt install emacs elpa-helpful
sed -i s/bullseye/bookworm/ ./etc/apt/sources.list
chroot . apt update
chroot . apt
On Fri, 21 Jul 2023 at 23:39, Nicholas D Steeves wrote:
> retitle 1030394 dh-elpa: elpa-csv-mode 1.20 not cleaned up
important to note that it's not just this one package, but many elpa
packages (but not all) which were either upgraded or purged as part of
the upgrade: I get the same set of
On Fri, 21 Jul 2023 at 09:57, Thomas Parmelan wrote:
>
> Le jeudi 20 juillet 2023 à 21:43, d'après
> Richard Lewis :
> With the default configuration and without my patch I get this in the
> report, which is really not easy to read because of the huge difference
> in ti
i wonder if a missing python3-systemd is the only reason for this bug:
fail2ban + sshd works fine with backend=auto for me, and i have recommends
installed.
So rather than changing the default 'backend', debian should just promote
python3-systemd to 'depends'.
On Fri, 21 Jul 2023, 07:03 Jeremy
On Thu, 20 Jul 2023 12:15:25 +0200 Thomas Parmelan
wrote:
Some interesting ideas in here - i think i am missing something though:
> The systemd journal is checked by default, in addition to rsyslog files,
> starting with logcheck version 1.4.1. But the format of timestamps are
> different by
Package: ruby-nokogiri
Version: 1.13.10+dfsg-2+b1
Severity: normal
X-Debbugs-Cc: richard.lewis.deb...@googlemail.com
Dear Maintainer,
When loading nokogiri, with 'ruby -w' i get a warning
/usr/lib/x86_64-linux-gnu/rubygems-integration/3.1.0/gems/nokogiri-1.13.10/lib/nokogiri/version/info.rb:85:
On Fri, 28 Jun 2019 13:39:46 +0530 Avinash Sonawane
wrote:
> As per SUS Utility syntax guideline 5[0], command-line utility should
allow
> multiple arguments to be grouped behind single `-` delimiter.
This is a valid request and would be reasonably straightforward for someone
to implement. The
On Sun, 23 Jan 2022 10:27:26 +0100 Samuel Thibault wrote:
> chkrootkit reports this:
>
> Searching for Linux.Xor.DDoS ...INFECTED:
> Possible Malicious Linux.Xor.DDoS installed
> /tmp/lynx-2.9.0dev.10/configure
>
fwiw i'd appreciate a NEWS.Debian entry as well, it's too easy to miss
messages from postinst - much better to have it somewhere people can read
at their convenience (and apt-list-changes send the NEWS by email) than
scrolling by - i imagine unattended-upgrades doesnt even show people those
On Mon, 10 Jul 2023 20:07:30 +0100 Richard Lewis <
richard.lewis.deb...@googlemail.com> wrote:
> i've only ever run stable, i get the following list
>
> Warning (comp): Cannot look-up eln file as no source file was found for
> /usr/share/emacs/site-lisp/elpa/helpful-0.18/helpful
i've only ever run stable, i get the following list
Warning (comp): Cannot look-up eln file as no source file was found for
/usr/share/emacs/site-lisp/elpa/helpful-0.18/helpful.elc Warning (comp):
Cannot look-up eln file as no source file was found for
After upgrading to bookworm, encfs segfaults for me when trying to
open encrypted directories created a long time ago.
The solution in
https://askubuntu.com/questions/1405656/encfs-segfault-in-version-22-04
worked, which is to edit /etc/ssl/opensslf.conf and add
[openssl_init]
providers =
https://salsa.debian.org/debian/logcheck/-/merge_requests/18 now has
the patch for this
On Thu, 29 Jun 2023 at 21:36, Richard Lewis
wrote:
>
> I think you might be missing one md5sum - I found 4 versions in the git repos
>
> #
> for x in $(git log debian/h
I think you might be missing one md5sum - I found 4 versions in the git repos
#
for x in $(git log debian/header.txt | awk '/commit/{print $2}'); do
git show $x:debian/header.txt | md5sum ; done
d9206d89f2f8d85d346a23da90459862 -
a32fc12d69628d96756fd3af3f8b3ecd -
On Tue, 27 Jun 2023, 22:01 Andreas Beckmann, wrote:
> Control: tag -1 patch
>
> On 27/06/2023 19.21, Richard Lewis wrote:
> > header.txt has not been modified since 2015.
>
> I've found three versions (with sightly different spelling):
> * lenny
> * squeeze, wheezy,
header.txt has not been modified since 2015.
it is a simple yext file that is installed with debian/logcheck.install
the only change is that it used to be installed into /usr/share but got
moved to /etc to be a conffile in 2021. This didnt trigger any piuparts
issues and there was no change to
package: release-notes
I am sure i must be missing something, but i couldnt see anywhere in
the release notes does it explain what the sources.list for security
updates should be.
i was expecting this to be mentioned in one of
On Sun, 25 Jun 2023, 15:09 Ludovic Rousseau, wrote:
>
> It looks like journalctl now displays the month using the configured
> locale.
>
> Compare:
> # journalctl -t smartd -S "Jun 25 10:00:00"
> juin 25 11:09:27 zotac smartd[548]: Device: /dev/sda [SAT], SMART Usage
> Attribu>
> juin 25
1 - 100 of 264 matches
Mail list logo