Hello community, here is the log from the commit of package seccheck for openSUSE:Factory checked in at 2014-12-17 19:15:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/seccheck (Old) and /work/SRC/openSUSE:Factory/.seccheck.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "seccheck" Changes: -------- --- /work/SRC/openSUSE:Factory/seccheck/seccheck.changes 2014-09-06 12:18:17.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.seccheck.new/seccheck.changes 2014-12-17 19:15:08.000000000 +0100 @@ -1,0 +2,5 @@ +Tue Dec 16 08:31:31 UTC 2014 - [email protected] + +- daily-mailer.patch: applied patch suggested in bnc#904544 + +------------------------------------------------------------------- New: ---- daily-mailer.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ seccheck.spec ++++++ --- /var/tmp/diff_new_pack.6qu8t0/_old 2014-12-17 19:15:09.000000000 +0100 +++ /var/tmp/diff_new_pack.6qu8t0/_new 2014-12-17 19:15:09.000000000 +0100 @@ -25,6 +25,7 @@ Source: %{name}-%{version}.tar.gz Source1: sysconfig.seccheck Source2: cron_entries +Patch0: daily-mailer.patch Requires: bash Requires: cron # FIXME: use proper Requires(pre/post/preun/...) @@ -40,6 +41,8 @@ %prep %setup -q +%patch0 -p1 + %install install -d -m 700 %{buildroot}%{_localstatedir}/lib/secchk install -d -m 700 %{buildroot}%{_localstatedir}/lib/secchk/data ++++++ daily-mailer.patch ++++++ diff -ub a/helper.inc b/helper.inc --- a/helper.inc 2014-09-25 10:25:31.000000000 +0200 +++ b/helper.inc 2014-11-10 19:38:31.780825129 +0100 @@ -65,18 +65,22 @@ local old1=$1 local out1=$2 + { cat <<-EOF - To: $SECCHK_USER - Subject: Local Daily Security for `hostname`: Changes +To: $SECCHK_USER +Subject: Local Daily Security for `hostname`: Changes - Daily security check $VERSION by Marc Heuse <[email protected]> - $BLURB +Daily security check $VERSION by Marc Heuse <[email protected]> +$BLURB - Changes in your daily security configuration of `hostname`: +Changes in your daily security configuration of `hostname`: + +Changes (+: new entries, -: removed entries): EOF - /usr/bin/diff -u -w "$old1" "$out1" | sed 's/^@@.*/\ * Changes (+: new entries, -: removed entries):\ /' | \egrep '^[+*-]|^$' |sed 's/^+++/NEW:/' | sed 's/^---/OLD:/' | sed 's/^[+-]/& /' | $MAILER "$SECCHK_USER" + /usr/bin/diff -u -w "$old1" "$out1" | egrep '^[+*-]|^$' | sed 's/^+++/NEW:/' | sed 's/^---/OLD:/' | sed 's/^[+-]/& /' + } | $MAILER "$SECCHK_USER" /bin/mv "$out1" "$old1" } Only in b: security-control.sh diff -ub a/security_daily_helper.inc b/security_daily_helper.inc --- a/security_daily_helper.inc 2014-09-25 10:25:31.000000000 +0200 +++ b/security_daily_helper.inc 2014-11-10 19:38:31.785824990 +0100 @@ -38,7 +38,7 @@ /usr/bin/systemctl list-unit-files --type=service > "$SEC_DATA/systemd_services.new" diff -uw "$SEC_DATA/systemd_services" "$SEC_DATA/systemd_services.new" |egrep -v '^\+\+\+ |^--- |^$|^@@' | sed 's/^[+-]/& /' > "$output_file" if [ -s "$output_file" ] ; then - printf "\nThere are the following changes in systemctl services output:\n" + echo cat "$output_file" fi mv "$SEC_DATA/systemd_services.new" "$SEC_DATA/systemd_services" @@ -48,18 +48,13 @@ function check_sysctl () { local output_file=`mktemp -t check_sysctl.XXXX` # TEMPDIR is set but not exported.. does it work? /usr/sbin/sysctl -a > "$SEC_DATA/sysctl.new" - diff -uw "$SEC_DATA/sysctl" "$SEC_DATA/sysctl.new" |egrep -v '^\+\+\+ |^--- |^$|^@@' | sed 's/^[+-]/& /' > "$output_file" - if [ -s "$output_file" ] ; then - printf "\nThere are the following changes in the output from sysctl -a:\n" - cat "$output_file" - fi + cat "$SEC_DATA/sysctl.new" mv "$SEC_DATA/sysctl.new" "$SEC_DATA/sysctl" - rm -f "$output_file" } function check_xinetd_services () { local output_file=`mktemp -t check_xinetd_services.XXXX` # TEMPDIR is set but not exported.. does it work? - /sbin/chkconfig --list | awk '/xinetd based services/,/""/' | grep -v off > "$SEC_DATA/xinetd.new" + /sbin/chkconfig --list 2> /dev/null | awk '/xinetd based services/,/""/' | grep -v off > "$SEC_DATA/xinetd.new" diff -uw "$SEC_DATA/xinetd" "$SEC_DATA/xinetd.new" |egrep -v '^\+\+\+ |^--- |^$|^@@' | sed 's/^[+-]/& /' > "$output_file" if [ -s "$output_file" ] ; then printf "\nThere are the following changes in xinetd running services output:\n" -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
