https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247389
Bug ID: 247389
Summary: 800.loginfail and 900.tcpwrap (/etc/periodic/security)
don't produce output
Product: Base System
Version: 12.1-STABLE
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: conf
Assignee: [email protected]
Reporter: [email protected]
/etc/periodic/security/800.loginfail
/etc/periodic/security/900.tcpwrap
Perhaps it's just me missing the bleeding obvious, but these two scripts appear
to be wired backwards, and therefore don't produce output. Also, the egrep
regex in 800.loginfail doesn't work for me either. A quick edit & test... and
all appears to work as intended.
--- 800.loginfail-old 2019-10-19 19:05:16.208356000 +0000
+++ 800.loginfail 2020-06-18 18:24:45.772960000 +0000
@@ -46,7 +46,7 @@
yesterday=`date -v-1d "+%b %e "`
catmsgs() {
- find ${LOG} -name 'auth.log.*' -mtime -2 |
+ find ${LOG} -name 'messages.*' -mtime -2 |
sort -t. -r -n -k 2,2 |
while read f
do
@@ -55,7 +55,7 @@
*.bz2) bzcat -f $f;;
esac
done
- [ -f ${LOG}/auth.log ] && cat $LOG/auth.log
+ [ -f ${LOG}/messages ] && cat $LOG/messages
}
rc=0
@@ -64,7 +64,7 @@
then
echo ""
echo "${host} login failures:"
- n=$(catmsgs | egrep -ia "^$yesterday.*:
.*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
+ n=$(catmsgs | egrep -ia "^$yesterday.*:
.*\<(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\>" |
tee /dev/stderr | wc -l)
[ $n -gt 0 ] && rc=1 || rc=0
fi
--- 900.tcpwrap-old 2019-10-19 19:05:16.224470000 +0000
+++ 900.tcpwrap 2020-06-18 18:24:07.948855000 +0000
@@ -46,7 +46,7 @@
yesterday=`date -v-1d "+%b %e "`
catmsgs() {
- find ${LOG} -name 'messages.*' -mtime -2 |
+ find ${LOG} -name 'auth.log.*' -mtime -2 |
sort -t. -r -n -k 2,2 |
while read f
do
@@ -55,7 +55,7 @@
*.bz2) bzcat -f $f;;
esac
done
- [ -f ${LOG}/messages ] && cat $LOG/messages
+ [ -f ${LOG}/auth.log ] && cat $LOG/auth.log
}
rc=0
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
