[Bug 1890751] Re: unmatched entry for securetty on focal
This bug was fixed in the package logwatch - 7.5.2-1ubuntu1.1 --- logwatch (7.5.2-1ubuntu1.1) focal; urgency=medium [ Bryce Harrington ] * d/p/0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch: dhcpd: Ignore lease age under threshold messages (LP: #1578001) * d/p/0019-exim-Handle-self-signed-certs-warnings.patch: exim: Handle self-signed certs warnings. (LP: #1892269) * d/p/0018-audit-Treat-Denial-Errors-same-as-Denied.patch: audit: Treat Denial-Errors same as Denied. (LP: #1577948) * d/p/0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch: audit: Apparmor DENIED entries don't always include parent=N. (LP: #1577948) * d/p/0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch: pam_unix: Ignore issues about /etc/securetty being missing. (LP: #1890751) * d/p/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch: zz-sys: Suppress warnings if Sys::CPU or Sys::MemInfo are missing. These are not installed by default in Ubuntu's logwatch packaging. (LP: #1890749) * d/p/0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch: secure: Ignore warnings about gnome-keyring-daemon items already registered. (LP: #1890752) * d/p/0012-postfix-Handle-backwards-compatible-mode.patch: postfix: Handle backwards-compatible mode. (LP: #1583705) * d/p/0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch: postfix: Ignore Resolved loghost to 127.0.0.1. (LP: #1583705) * d/p/0010-00-debspecific-disable-su-reporting-in-secure.diff.patch: Use $PATH to determine location of zpool and zfs. (LP: #1880211) [ Lucas Kanashiro ] * d/p/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch: audit: use the term ALLOWED instead of Grants. (LP: #1577948) -- Bryce Harrington Thu, 03 Sep 2020 04:22:00 + ** Changed in: logwatch (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
Verified on focal in LXC that the securetty messages are suppressed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
** Description changed: + [Impact] + + Messages about /etc/securetty aren't being handled by logwatch and end + up in the "Unmatched Entries" section. Support for /etc/securetty was + dropped in focal, but some services or other software haven't been + updated to reflect this change and so issue the warning. + + + [Test Case] + + $ export CODENAME="focal" + $ lxc launch ubuntu:${CODENAME} test-logwatch + $ lxc exec test-logwatch -- bash + + # apt-get update + # apt-get dist-upgrade -y + # apt-get install -y logwatch + + # wget https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+attachment/5407063/+files/unmatched-entries-securetty%3Aauth.log + # cat unmatched-entries-securetty:auth.log >> /var/log/auth.log + + # logwatch --detail High --service all --range all --output stdout + + Without the fix, there will be unmatched entries for /etc/securetty, + which may appear in multiple sections within the report; with the fix + there will be no such messages. + + (Note: For testing it's not really necessary to trigger the original + condition that produces the log entry, since for Logwatch the purpose is + more about making sure the entry is detected and processed + appropriately.) + + + [Regression Potential] + + Since logwatch filters logs for errors pertinent to administrators, + standard things to watch out for are undesired changes in this filtering + behavior, such as flagging or failing to flag issues differently than + before, other than the specific messages being filtered with this + change. + + + [Original Report] + $ sudo logwatch --detail Low --range today --service all --output stdout - - pam_unix Begin + - pam_unix Begin - sudo: - Sessions Opened: -root -> root: 4 Time(s) - Unknown Entries: -Couldn't open /etc/securetty: No such file or directory: 4 Time(s) - - - -- pam_unix End - + sudo: + Sessions Opened: + root -> root: 4 Time(s) + Unknown Entries: + Couldn't open /etc/securetty: No such file or directory: 4 Time(s) + + -- pam_unix End - -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
Hello Bryce, or anyone else affected, Accepted logwatch into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/logwatch/7.5.2-1ubuntu1.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-focal. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: logwatch (Ubuntu Focal) Status: Triaged => Fix Committed ** Tags added: verification-needed verification-needed-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
** Merge proposal linked: https://code.launchpad.net/~bryce/ubuntu/+source/logwatch/+git/logwatch/+merge/390212 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
** Merge proposal unlinked: https://code.launchpad.net/~bryce/ubuntu/+source/logwatch/+git/logwatch/+merge/390212 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
** Merge proposal linked: https://code.launchpad.net/~bryce/ubuntu/+source/logwatch/+git/logwatch/+merge/390212 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
See also: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1860826 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674857#25 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931899 "FWIW, the latest login upload to unstable (1:4.7-1) dropped support for /etc/securetty and removed that file on upgrades, due to the numerous complaints it caused... This lead to complaints by pam_unix in the system logs on every login, see #931899." So the warning is superfluous, and merely serves to cause confusion for other unrelated bugs (e.g. LP #1860826 comments 8-12). Apparently a workaround is to remove "nullok_secure" from the auth line in /etc/pam.d/common-auth. Logwatch sounds unsure about carrying this change upstream, but given the above I think it is worth carrying in the Ubuntu delta at least. When LP: #1860826 is resolved for -devel and all supported LTS' the logwatch delta could be dropped, although the messages likely will linger in log files and thus show up in "--range All" for some time. focal and groovy have login 1:4.8.1-1 so are affected, but bionic has 1:4.5-1 so this is only applicable for SRU to focal. ** Bug watch added: Debian Bug tracker #674857 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674857 ** Bug watch added: Debian Bug tracker #931899 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931899 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
** Attachment added: "Sample log entries for testing the securetty error messages" https://bugs.launchpad.net/ubuntu/focal/+source/logwatch/+bug/1890751/+attachment/5407063/+files/unmatched-entries-securetty%3Aauth.log -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
This bug was fixed in the package logwatch - 7.5.4-0ubuntu2 --- logwatch (7.5.4-0ubuntu2) groovy; urgency=medium [ Bryce Harrington ] * d/p/0020-dhcpd-Ignore-lease-age-under-threshold-messages.patch: dhcpd: Ignore lease age under threshold messages (LP: #1578001) * d/p/0019-exim-Handle-self-signed-certs-warnings.patch: exim: Handle self-signed certs warnings. (LP: #1892269) * d/p/0018-audit-Treat-Denial-Errors-same-as-Denied.patch: audit: Treat Denial-Errors same as Denied. (LP: #1577948) * d/p/0017-audit-Apparmor-DENIED-entries-don-t-always-include-p.patch: audit: Apparmor DENIED entries don't always include parent=N. (LP: #1577948) * d/p/0015-pam_unix-Ignore-issues-about-etc-securetty-being-mis.patch: pam_unix: Ignore issues about /etc/securetty being missing. (LP: #1890751) * d/p/0014-zz-sys-Suppress-warnings-if-Sys-CPU-or-Sys-MemInfo-a.patch: zz-sys: Suppress warnings if Sys::CPU or Sys::MemInfo are missing. These are not installed by default in Ubuntu's logwatch packaging. (LP: #1890749) * d/p/0013-secure-Ignore-warnings-about-gnome-keyring-daemon-it.patch: secure: Ignore warnings about gnome-keyring-daemon items already registered. (LP: #1890752) * d/p/0012-postfix-Handle-backwards-compatible-mode.patch: postfix: Handle backwards-compatible mode. (LP: #1583705) * d/p/0011-postfix-Ignore-Resolved-loghost-to-127.0.0.1.patch: postfix: Ignore Resolved loghost to 127.0.0.1. (LP: #1583705) * d/control: Update upstream's homepage (LP: #1891604) [ Lucas Kanashiro ] * d/p/0021-audit-use-the-term-ALLOWED-instead-of-Grants.patch: audit: use the term ALLOWED instead of Grants. -- Bryce Harrington Fri, 21 Aug 2020 01:30:10 + ** Changed in: logwatch (Ubuntu Groovy) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
** Merge proposal linked: https://code.launchpad.net/~bryce/ubuntu/+source/logwatch/+git/logwatch/+merge/389633 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1890751] Re: unmatched entry for securetty on focal
I've reproduced this in lxd on groovy and focal, but not on xenial or bionic. ** Also affects: logwatch (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: logwatch (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: logwatch (Ubuntu Groovy) Importance: Undecided => Medium ** Changed in: logwatch (Ubuntu Groovy) Status: New => Triaged ** Changed in: logwatch (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: logwatch (Ubuntu Focal) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890751 Title: unmatched entry for securetty on focal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/logwatch/+bug/1890751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs