diff options
author | Greg Larkin <glarkin@FreeBSD.org> | 2008-09-07 01:31:56 +0000 |
---|---|---|
committer | Greg Larkin <glarkin@FreeBSD.org> | 2008-09-07 01:31:56 +0000 |
commit | 6dd443c9f73636f3e76043d8e11d01095fddf657 (patch) | |
tree | d4ddb94c50c1bfbb95209f0da67d99ea66b740b2 /security/logcheck | |
parent | fa596a3067e76b84f109884d129d376bbbdf6f87 (diff) | |
download | ports-6dd443c9f73636f3e76043d8e11d01095fddf657.tar.gz ports-6dd443c9f73636f3e76043d8e11d01095fddf657.zip |
Notes
Diffstat (limited to 'security/logcheck')
-rw-r--r-- | security/logcheck/Makefile | 79 | ||||
-rw-r--r-- | security/logcheck/distinfo | 6 | ||||
-rw-r--r-- | security/logcheck/files/patch-debian__logcheck.cron.d | 16 | ||||
-rw-r--r-- | security/logcheck/files/patch-etc__logcheck.conf | 16 | ||||
-rw-r--r-- | security/logcheck/files/patch-logcheck.sh | 10 | ||||
-rw-r--r-- | security/logcheck/files/patch-src__logcheck | 142 | ||||
-rw-r--r-- | security/logcheck/files/pkg-deinstall.in | 33 | ||||
-rw-r--r-- | security/logcheck/files/pkg-install.in | 51 | ||||
-rw-r--r-- | security/logcheck/files/pkg-message.in | 13 | ||||
-rw-r--r-- | security/logcheck/pkg-descr | 13 | ||||
-rw-r--r-- | security/logcheck/pkg-plist | 200 |
11 files changed, 514 insertions, 65 deletions
diff --git a/security/logcheck/Makefile b/security/logcheck/Makefile index 10fdabd3587a..605ed57c64e9 100644 --- a/security/logcheck/Makefile +++ b/security/logcheck/Makefile @@ -6,45 +6,68 @@ # PORTNAME= logcheck -PORTVERSION= 1.1.1 -PORTREVISION= 4 +PORTVERSION= 1.2.54 CATEGORIES= security -MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} -MASTER_SITE_SUBDIR= sentrytools +MASTER_SITES= ftp://ftp.debian.org/debian/pool/main/l/logcheck/ \ + http://ftp.de.debian.org/debian/pool/main/l/logcheck/ +DISTNAME= ${PORTNAME}_${PORTVERSION} -MAINTAINER= ports@FreeBSD.org +MAINTAINER= glarkin@FreeBSD.org COMMENT= Auditing tool for system logs on Unix boxes -# Install binaries and config files readable to root only -BINMODE= 700 -SHAREMODE= 600 +BUILD_DEPENDS= docbook-to-man:${PORTSDIR}/textproc/docbook-to-man +RUN_DEPENDS= lockfile:${PORTSDIR}/mail/procmail \ + bash:${PORTSDIR}/shells/bash \ + perl:${PORTSDIR}/lang/perl5 -LOGCHECK_TMP?= /var/run/logcheck -PLIST_SUB+= LOGCHECK_TMP=${LOGCHECK_TMP} - -CONFIG_FILES= logcheck.hacking logcheck.ignore \ - logcheck.violations logcheck.violations.ignore -DOCS= CREDITS INSTALL README README.how.to.interpret README.keywords +WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION} +BINMODE= 755 +SHAREMODE= 640 +SUB_FILES= pkg-install pkg-deinstall pkg-message +CONFIG_DIRS= cracking.d ignore.d.paranoid ignore.d.server \ + ignore.d.workstation violations.d violations.ignore.d +DOCS= AUTHORS CHANGES CREDITS LICENSE TODO docs/README* +PORTDOCS= ${DOCS:T} +MAN8= logcheck.8 logtail.8 do-build: - cd ${WRKSRC}/src && ${CC} ${CFLAGS} -o logtail logtail.c - ${REINPLACE_CMD} -e 's!/usr/local/bin/logtail!${PREFIX}/bin/logtail!' \ - -e 's!/usr/local/etc/tmp!${LOGCHECK_TMP}!' \ - -e 's!/usr/local/etc/logcheck!${PREFIX}/etc/logcheck!' \ - ${WRKSRC}/systems/freebsd/logcheck.sh + ${REINPLACE_CMD} -e 's!/var/log/syslog!/var/log/messages!' \ + ${WRKSRC}/etc/logcheck.logfiles + ${REINPLACE_CMD} -e 's!/etc/logcheck!/usr/local/etc/logcheck!' \ + -e 's!/usr/share/doc/logcheck-database/README.logcheck-database.gz!${DOCSDIR}/README.logcheck-database!' \ + ${WRKSRC}/docs/logcheck.sgml + docbook-to-man ${WRKSRC}/docs/logcheck.sgml > ${WRKSRC}/docs/logcheck.8 do-install: - ${INSTALL_PROGRAM} ${WRKSRC}/src/logtail ${PREFIX}/bin - ${INSTALL_SCRIPT} ${WRKSRC}/systems/freebsd/logcheck.sh ${PREFIX}/etc - @${MKDIR} ${EXAMPLESDIR} -.for f in ${CONFIG_FILES} - @${INSTALL_DATA} ${WRKSRC}/systems/freebsd/${f} ${PREFIX}/etc/${f}.sample + ${INSTALL_SCRIPT} ${WRKSRC}/src/logcheck ${PREFIX}/sbin + ${INSTALL_SCRIPT} ${WRKSRC}/src/logtail ${PREFIX}/sbin + @PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL + @${INSTALL} -d /var/lib/logcheck + @${INSTALL} -d /var/run/logcheck + ${CHOWN} logcheck:logcheck /var/lib/logcheck + ${CHOWN} logcheck:logcheck /var/run/logcheck + @${INSTALL} -d ${ETCDIR} + @${INSTALL_DATA} ${WRKSRC}/etc/logcheck.conf ${ETCDIR}/logcheck.conf.sample + @${INSTALL_DATA} ${WRKSRC}/etc/logcheck.logfiles ${ETCDIR}/logcheck.logfiles.sample +.for i in ${CONFIG_DIRS} + @${INSTALL} -d ${ETCDIR}/${i} + @${INSTALL_DATA} ${WRKSRC}/rulefiles/linux/${i}/* ${ETCDIR}/${i} .endfor - ${TEST} -d ${LOGCHECK_TMP} || ${MKDIR} -m 700 ${LOGCHECK_TMP} - ${CHOWN} root:wheel ${LOGCHECK_TMP} + @${INSTALL} -d ${DOCSDIR} +.if !defined(NOPORTEXAMPLES) + @${INSTALL} -d ${EXAMPLESDIR} + @${INSTALL_DATA} ${WRKSRC}/debian/logcheck.cron.d ${EXAMPLESDIR}/crontab.in +.endif + ${CHOWN} -R root:logcheck ${ETCDIR} + @PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL + @${INSTALL_MAN} ${WRKSRC}/docs/*.8 ${MAN8PREFIX}/man/man8 + +post-install: .if !defined(NOPORTDOCS) - @${MKDIR} ${DOCSDIR} - cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR} + @${INSTALL} -d ${DOCSDIR} + @cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR} + ${CHMOD} 644 ${DOCSDIR}/* .endif + @${CAT} ${PKGMESSAGE} .include <bsd.port.mk> diff --git a/security/logcheck/distinfo b/security/logcheck/distinfo index cc712aa5ed1e..ecea6b49e342 100644 --- a/security/logcheck/distinfo +++ b/security/logcheck/distinfo @@ -1,3 +1,3 @@ -MD5 (logcheck-1.1.1.tar.gz) = e97c2f096e219e20310c1b80e9e1bc29 -SHA256 (logcheck-1.1.1.tar.gz) = dfe4cb29305c619dc0a0aca5b11b2bd397baccf3076b48f03457f66f299ab42e -SIZE (logcheck-1.1.1.tar.gz) = 30267 +MD5 (logcheck_1.2.54.tar.gz) = bbb6fce8987503d7677441d7154fb598 +SHA256 (logcheck_1.2.54.tar.gz) = a15c177211bbd12cef482a0b8fbdd6d32bc6ff7172f0ec54257ca1c68f921b3a +SIZE (logcheck_1.2.54.tar.gz) = 141094 diff --git a/security/logcheck/files/patch-debian__logcheck.cron.d b/security/logcheck/files/patch-debian__logcheck.cron.d new file mode 100644 index 000000000000..7ab3d2b422d7 --- /dev/null +++ b/security/logcheck/files/patch-debian__logcheck.cron.d @@ -0,0 +1,16 @@ +--- ./debian/logcheck.cron.d.orig 2006-08-06 19:10:49.000000000 -0400 ++++ ./debian/logcheck.cron.d 2008-09-06 19:11:28.000000000 -0400 +@@ -1,9 +1,5 @@ +-# /etc/cron.d/logcheck: crontab entries for the logcheck package +- +-PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin ++# crontab entries for the logcheck package ++PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin + MAILTO=root +- +-@reboot logcheck if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck -R; fi +-2 * * * * logcheck if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck; fi +- +-# EOF ++@reboot if [ -x /usr/local/sbin/logcheck ]; then nice -n10 /usr/local/sbin/logcheck -R; fi ++2 * * * * if [ -x /usr/local/sbin/logcheck ]; then nice -n10 /usr/local/sbin/logcheck; fi diff --git a/security/logcheck/files/patch-etc__logcheck.conf b/security/logcheck/files/patch-etc__logcheck.conf new file mode 100644 index 000000000000..2c294410c95f --- /dev/null +++ b/security/logcheck/files/patch-etc__logcheck.conf @@ -0,0 +1,16 @@ +--- ./etc/logcheck.conf.orig 2006-10-29 02:55:02.000000000 -0500 ++++ ./etc/logcheck.conf 2008-09-06 19:11:28.000000000 -0400 +@@ -47,12 +47,7 @@ + # Controls the base directory for rules file location + # This must be an absolute path + +-#RULEDIR="/etc/logcheck" +- +-# Controls if syslog-summary is run over each section. +-# Alternatively, set to "1" to enable extra summary. +- +-#SYSLOGSUMMARY=0 ++#RULEDIR="/usr/local/etc/logcheck" + + # Controls Subject: lines on logcheck reports: + diff --git a/security/logcheck/files/patch-logcheck.sh b/security/logcheck/files/patch-logcheck.sh deleted file mode 100644 index bd71d4e5c58d..000000000000 --- a/security/logcheck/files/patch-logcheck.sh +++ /dev/null @@ -1,10 +0,0 @@ ---- systems/freebsd/logcheck.sh.dist Mon Nov 1 00:07:29 1999 -+++ systems/freebsd/logcheck.sh Mon Sep 8 06:56:37 2003 -@@ -173,6 +173,7 @@ - # FreeBSD 2.x - $LOGTAIL /var/log/messages > $TMPDIR/check.$$ - $LOGTAIL /var/log/maillog >> $TMPDIR/check.$$ -+$LOGTAIL /var/log/security >> $TMPDIR/check.$$ - - # BSDI 2.x - #$LOGTAIL /var/log/messages > $TMPDIR/check.$$ diff --git a/security/logcheck/files/patch-src__logcheck b/security/logcheck/files/patch-src__logcheck new file mode 100644 index 000000000000..faf0954ce518 --- /dev/null +++ b/security/logcheck/files/patch-src__logcheck @@ -0,0 +1,142 @@ +--- ./src/logcheck.orig 2007-01-16 01:13:27.000000000 -0500 ++++ ./src/logcheck 2008-09-06 19:11:28.000000000 -0400 +@@ -1,4 +1,4 @@ +-#!/bin/bash ++#!/usr/local/bin/bash + # + # Copyright (C) 2004-2006 Debian Logcheck Team + # <logcheck-devel@alioth.lists.debian.org> +@@ -26,17 +26,10 @@ + + if [ $UID == 0 ]; then + echo "logcheck should not be run as root. Use su to invoke logcheck:" +- echo "su -s /bin/bash -c \"/usr/sbin/logcheck${@:+ $@}\" logcheck" ++ echo "su logcheck -c \"/usr/local/bin/bash /usr/local/sbin/logcheck${@:+ $@}\"" + echo "Or use sudo: sudo -u logcheck logcheck${@:+ $@}." + # you may want to uncomment that hack to let logcheck invoke itself. +- # su -s /bin/bash -c "$0 $*" logcheck +- exit 1 +-fi +- +-if [ ! -f /usr/bin/lockfile-create -o \ +- ! -f /usr/bin/lockfile-remove -o \ +- ! -f /usr/bin/lockfile-touch ]; then +- echo "fatal: lockfile-progs is a prerequisite for logcheck, and was not found." ++ # su -s /usr/local/bin/bash -c "$0 $*" logcheck + exit 1 + fi + +@@ -68,12 +61,12 @@ + ADDTAG="no" + + # Set the default paths +-RULEDIR="/etc/logcheck" +-CONFFILE="/etc/logcheck/logcheck.conf" ++RULEDIR="/usr/local/etc/logcheck" ++CONFFILE="/usr/local/etc/logcheck/logcheck.conf" + STATEDIR="/var/lib/logcheck" +-LOGFILES_LIST="/etc/logcheck/logcheck.logfiles" +-LOGFILE_FALLBACK="/var/log/syslog" +-LOGTAIL="/usr/sbin/logtail" ++LOGFILES_LIST="/usr/local/etc/logcheck/logcheck.logfiles" ++LOGFILE_FALLBACK="/var/log/messages" ++LOGTAIL="/usr/local/sbin/logtail" + CAT="/bin/cat" + SYSLOG_SUMMARY="/usr/bin/syslog-summary" + +@@ -87,20 +80,15 @@ + SORTUNIQ=0 + SUPPORT_CRACKING_IGNORE=0 + SYSLOGSUMMARY=0 +-LOCKDIR=/var/lock/logcheck ++LOCKDIR=/var/run/logcheck + LOCKFILE="$LOCKDIR/logcheck" + + # Carry out the clean up tasks + cleanup() { + +- if [ -n "$LOCK" ]; then +- debug "cleanup: Killing lockfile-touch - $LOCK" +- kill $LOCK && unset LOCK +- fi +- +- if [ -f "$LOCKFILE.lock" ]; then +- debug "cleanup: Removing lockfile: $LOCKFILE.lock" +- lockfile-remove $LOCKFILE ++ if [ -f "$LOCKFILE" ]; then ++ debug "cleanup: Removing lockfile: $LOCKFILE" ++ rm -f $LOCKFILE + fi + + if [ -d $TMPDIR ]; then +@@ -142,14 +130,9 @@ + if [ "$2" = "noclean" ]; then + debug "error: Not removing lockfile" + else +- if [ -n "$LOCK" ]; then +- debug "error: Killing lockfile-touch - $LOCK" +- kill $LOCK && unset LOCK +- fi +- +- if [ -f "$LOCKFILE.lock" ]; then +- debug "error: Removing lockfile: $LOCKFILE.lock" +- lockfile-remove $LOCKFILE ++ if [ -f "$LOCKFILE" ]; then ++ debug "error: Removing lockfile: $LOCKFILE" ++ rm -f $LOCKFILE + fi + + fi +@@ -212,8 +195,7 @@ + mkdir $cleaned \ + || error "Could not make dir $cleaned for cleaned rulefiles." + fi +- for rulefile in $(run-parts --list $dir); do +- rulefile=$(basename $rulefile) ++ for rulefile in $(ls -1R $dir); do + if [ -f ${dir}/${rulefile} ]; then + debug "cleanrules: ${dir}/${rulefile}" + if [ -r ${dir}/${rulefile} ]; then +@@ -544,9 +526,9 @@ + + # Hostname either fully qualified or not. + if [ $FQDN -eq 1 ]; then +- HOSTNAME="$(hostname --fqdn)" > /dev/null 2>&1 ++ HOSTNAME="$(hostname -f)" > /dev/null 2>&1 + else +- HOSTNAME="$(hostname --short)" > /dev/null 2>&1 ++ HOSTNAME="$(hostname -s)" > /dev/null 2>&1 + fi + + # Now check for the other options +@@ -625,25 +607,21 @@ + + trap 'cleanup' 0 + +-debug "Trying to get lockfile: $LOCKFILE.lock" ++debug "Trying to get lockfile: $LOCKFILE" + if [ ! -d $LOCKDIR ]; then + mkdir -m 0755 $LOCKDIR + fi +-lockfile-create --retry 1 $LOCKFILE > /dev/null 2>&1 ++lockfile -r 1 $LOCKFILE > /dev/null 2>&1 + + + if [ $? -eq 1 ]; then + trap 0 +- error "Failed to get lockfile: $LOCKFILE.lock" "noclean" +-else +- debug "Running lockfile-touch $LOCKFILE.lock" +- lockfile-touch $LOCKFILE & +- LOCK="$!" ++ error "Failed to get lockfile: $LOCKFILE" "noclean" + fi + + # Create the secure temporary directory or exit +-TMPDIR=$(mktemp -d -p /tmp logcheck.XXXXXX) \ +- || TMPDIR=$(mktemp -d -p /var/tmp logcheck.XXXXXX) \ ++TMPDIR=$(mktemp -d /tmp/logcheck.XXXXXX) \ ++ || TMPDIR=$(mktemp -d /var/tmp/logcheck.XXXXXX) \ + || error "Could not create temporary directory" + + # Now clean the rulefiles in the directories diff --git a/security/logcheck/files/pkg-deinstall.in b/security/logcheck/files/pkg-deinstall.in new file mode 100644 index 000000000000..da113018941a --- /dev/null +++ b/security/logcheck/files/pkg-deinstall.in @@ -0,0 +1,33 @@ +#!/bin/sh + +user="logcheck" +group="logcheck" +configfiles="logcheck.conf logcheck.logfiles" + +case $2 in +DEINSTALL) + for f in ${configfiles}; do + if diff %%PREFIX%%/etc/logcheck/${f} %%PREFIX%%/etc/logcheck/${f}.sample > /dev/null; then + echo "---> ${f} configuration file is the same as ${f}.sample" + rm -f %%PREFIX%%/etc/logcheck/${f} + echo "---> Deleted %%PREFIX%%/etc/logcheck/${f}" + else + echo "---> %%PREFIX%%/etc/logcheck/${f} differs from sample file; not deleted" + fi + done +;; +POST-DEINSTALL) + if /usr/bin/crontab -u "${user}" -l > /dev/null 2>&1; then + rm -f /var/cron/tabs/${user} + echo "---> Removed crontab for \"${user}\"." + fi + + if pw user show ${user} > /dev/null 2>&1; then + pw user del ${user} + echo "---> Removed user \"${user}\" and group \"${group}\"." + fi + if pw group show ${group} > /dev/null 2>&1; then + pw group del ${group} + fi +;; +esac diff --git a/security/logcheck/files/pkg-install.in b/security/logcheck/files/pkg-install.in new file mode 100644 index 000000000000..4186b190eb42 --- /dev/null +++ b/security/logcheck/files/pkg-install.in @@ -0,0 +1,51 @@ +#!/bin/sh + +user="logcheck" +group="logcheck" +descr="Logcheck system account" +homedir="/var/lib/logcheck" +shell="/usr/bin/false" +configfiles="logcheck.conf logcheck.logfiles" + +case $2 in +PRE-INSTALL) + if pw group show ${group} > /dev/null 2>&1; then + echo "---> You already have a group \"${group}\", so I will use it." + else + pw group add "${group}" + echo "---> Created group \"${group}\"." + fi + if pw user show ${user} > /dev/null 2>&1; then + echo "---> You already have a user \"${user}\", so I will use it." + else + pw user add -n logcheck -c "${descr}" -d "${homedir}" -s "${shell}" -g logcheck -G wheel + echo "---> Created user \"${user}\"." + fi +;; +POST-INSTALL) + if [ -f %%EXAMPLESDIR%%/crontab.in ] ; then + if /usr/bin/crontab -u "${user}" -l >/tmp/logchecktab$$ 2>&1 ; then + if test -s /tmp/logchecktab$$; then + echo "---> \"${user}\" already has a crontab. Not overwriting it" + echo "---> Please merge any changes from the standard crontab file" + echo "---> %%EXAMPLESDIR%%/crontab.in" + else + /usr/bin/crontab -u "${user}" "%%EXAMPLESDIR%%/crontab.in" || exit 1 + echo "---> Installed crontab(5) file for user \"${user}\"" + fi + else + /usr/bin/crontab -u "${user}" "%%EXAMPLESDIR%%/crontab.in" || exit 1 + echo "---> Created crontab(5) file for user \"${user}\"" + fi + rm -f /tmp/logchecktab$$ + fi + + for f in ${configfiles}; do + if [ ! -e %%PREFIX%%/etc/logcheck/${f} ]; then + echo "---> It seems you have no previous version of %%PREFIX%%/etc/logcheck/${f}" + cp %%PREFIX%%/etc/logcheck/${f}.sample %%PREFIX%%/etc/logcheck/${f} + echo "---> Created one from ${f}.sample" + fi + done +;; +esac diff --git a/security/logcheck/files/pkg-message.in b/security/logcheck/files/pkg-message.in new file mode 100644 index 000000000000..2879b0aa129e --- /dev/null +++ b/security/logcheck/files/pkg-message.in @@ -0,0 +1,13 @@ +---------------------------------------------------------------------------- +Please make sure that all files listed in + + %%PREFIX%%/etc/logcheck/logcheck.logfiles + +are readable to 'wheel' group (see also /etc/newsyslog.conf), or remove +them from the aforementioned logcheck configuration file. + +For information on how to write local rulesets see + + %%PREFIX%%/share/doc/logcheck/README.logcheck-database + +---------------------------------------------------------------------------- diff --git a/security/logcheck/pkg-descr b/security/logcheck/pkg-descr index 71abf6ac953e..4fff03433ee4 100644 --- a/security/logcheck/pkg-descr +++ b/security/logcheck/pkg-descr @@ -1,10 +1,7 @@ -Logcheck helps spot problems and security violations in your logfiles -automatically and will send the results to you in e-mail. +Mails anomalies in the system logfiles to the administrator. -It is a program created to help in the processing of UNIX system logfiles -generated by the various system daemons. Logcheck also works very well at -reporting on other common operating system security violations and strange -events. +Logcheck helps spot problems, anomalies and security violations +in your logfiles automatically and will send the summaries to you +via e-mail. Logcheck is run as a cron job. -- Dan Langille -dan@freebsddiary.org +WWW: http://alioth.debian.org/projects/logcheck/ diff --git a/security/logcheck/pkg-plist b/security/logcheck/pkg-plist index 55ac237872d2..e990d28f7e75 100644 --- a/security/logcheck/pkg-plist +++ b/security/logcheck/pkg-plist @@ -1,16 +1,184 @@ -@comment $FreeBSD$ -bin/logtail -@exec test -d %%LOGCHECK_TMP%% || mkdir -m 700 %%LOGCHECK_TMP%% && chown root:wheel %%LOGCHECK_TMP%% -@unexec rmdir %%LOGCHECK_TMP%% 2>/dev/null || true -etc/logcheck.hacking.sample -etc/logcheck.ignore.sample -etc/logcheck.sh -etc/logcheck.violations.ignore.sample -etc/logcheck.violations.sample -%%PORTDOCS%%%%DOCSDIR%%/CREDITS -%%PORTDOCS%%%%DOCSDIR%%/INSTALL -%%PORTDOCS%%%%DOCSDIR%%/README -%%PORTDOCS%%%%DOCSDIR%%/README.how.to.interpret -%%PORTDOCS%%%%DOCSDIR%%/README.keywords -%%PORTDOCS%%@dirrm %%DOCSDIR%% -@dirrm %%EXAMPLESDIR%% +%%ETCDIR%%/cracking.d/logcheck +%%ETCDIR%%/cracking.d/smartd +%%ETCDIR%%/ignore.d.paranoid/bind +%%ETCDIR%%/ignore.d.paranoid/cron +%%ETCDIR%%/ignore.d.paranoid/logcheck +%%ETCDIR%%/ignore.d.paranoid/postfix +%%ETCDIR%%/ignore.d.paranoid/ppp +%%ETCDIR%%/ignore.d.paranoid/qpopper +%%ETCDIR%%/ignore.d.paranoid/squid +%%ETCDIR%%/ignore.d.paranoid/ssh +%%ETCDIR%%/ignore.d.paranoid/stunnel +%%ETCDIR%%/ignore.d.paranoid/sysklogd +%%ETCDIR%%/ignore.d.paranoid/telnetd +%%ETCDIR%%/ignore.d.paranoid/tripwire +%%ETCDIR%%/ignore.d.server/amandad +%%ETCDIR%%/ignore.d.server/anacron +%%ETCDIR%%/ignore.d.server/anon-proxy +%%ETCDIR%%/ignore.d.server/apache +%%ETCDIR%%/ignore.d.server/arpwatch +%%ETCDIR%%/ignore.d.server/automount +%%ETCDIR%%/ignore.d.server/bind +%%ETCDIR%%/ignore.d.server/bluez-utils +%%ETCDIR%%/ignore.d.server/courier +%%ETCDIR%%/ignore.d.server/cpqarrayd +%%ETCDIR%%/ignore.d.server/cpufreqd +%%ETCDIR%%/ignore.d.server/cracklib +%%ETCDIR%%/ignore.d.server/cron +%%ETCDIR%%/ignore.d.server/cron-apt +%%ETCDIR%%/ignore.d.server/cups-lpd +%%ETCDIR%%/ignore.d.server/cvs-pserver +%%ETCDIR%%/ignore.d.server/cvsd +%%ETCDIR%%/ignore.d.server/cyrus +%%ETCDIR%%/ignore.d.server/dcc +%%ETCDIR%%/ignore.d.server/dhclient +%%ETCDIR%%/ignore.d.server/dhcp +%%ETCDIR%%/ignore.d.server/dictd +%%ETCDIR%%/ignore.d.server/dkfilter +%%ETCDIR%%/ignore.d.server/dnsmasq +%%ETCDIR%%/ignore.d.server/dovecot +%%ETCDIR%%/ignore.d.server/dspam +%%ETCDIR%%/ignore.d.server/epmd +%%ETCDIR%%/ignore.d.server/exim4 +%%ETCDIR%%/ignore.d.server/gps +%%ETCDIR%%/ignore.d.server/grinch +%%ETCDIR%%/ignore.d.server/horde3 +%%ETCDIR%%/ignore.d.server/hplip +%%ETCDIR%%/ignore.d.server/hylafax +%%ETCDIR%%/ignore.d.server/imap +%%ETCDIR%%/ignore.d.server/imapproxy +%%ETCDIR%%/ignore.d.server/imp +%%ETCDIR%%/ignore.d.server/imp4 +%%ETCDIR%%/ignore.d.server/innd +%%ETCDIR%%/ignore.d.server/ipppd +%%ETCDIR%%/ignore.d.server/isdnlog +%%ETCDIR%%/ignore.d.server/isdnutils +%%ETCDIR%%/ignore.d.server/jabberd +%%ETCDIR%%/ignore.d.server/kernel +%%ETCDIR%%/ignore.d.server/logcheck +%%ETCDIR%%/ignore.d.server/lpr +%%ETCDIR%%/ignore.d.server/maradns +%%ETCDIR%%/ignore.d.server/mldonkey-server +%%ETCDIR%%/ignore.d.server/mon +%%ETCDIR%%/ignore.d.server/nagios +%%ETCDIR%%/ignore.d.server/netconsole +%%ETCDIR%%/ignore.d.server/nfs +%%ETCDIR%%/ignore.d.server/nntpcache +%%ETCDIR%%/ignore.d.server/nscd +%%ETCDIR%%/ignore.d.server/ntp +%%ETCDIR%%/ignore.d.server/oidentd +%%ETCDIR%%/ignore.d.server/openvpn +%%ETCDIR%%/ignore.d.server/pdns +%%ETCDIR%%/ignore.d.server/perdition +%%ETCDIR%%/ignore.d.server/policyd +%%ETCDIR%%/ignore.d.server/popa3d +%%ETCDIR%%/ignore.d.server/postfix +%%ETCDIR%%/ignore.d.server/postfix-policyd +%%ETCDIR%%/ignore.d.server/ppp +%%ETCDIR%%/ignore.d.server/pptpd +%%ETCDIR%%/ignore.d.server/proftpd +%%ETCDIR%%/ignore.d.server/pure-ftpd +%%ETCDIR%%/ignore.d.server/qpopper +%%ETCDIR%%/ignore.d.server/rbldnsd +%%ETCDIR%%/ignore.d.server/rpc_statd +%%ETCDIR%%/ignore.d.server/rsnapshot +%%ETCDIR%%/ignore.d.server/rsync +%%ETCDIR%%/ignore.d.server/sa-exim +%%ETCDIR%%/ignore.d.server/samba +%%ETCDIR%%/ignore.d.server/saned +%%ETCDIR%%/ignore.d.server/saslauthd +%%ETCDIR%%/ignore.d.server/scponly +%%ETCDIR%%/ignore.d.server/slapd +%%ETCDIR%%/ignore.d.server/smartd +%%ETCDIR%%/ignore.d.server/smokeping +%%ETCDIR%%/ignore.d.server/snmpd +%%ETCDIR%%/ignore.d.server/snort +%%ETCDIR%%/ignore.d.server/spamc +%%ETCDIR%%/ignore.d.server/spamd +%%ETCDIR%%/ignore.d.server/squid +%%ETCDIR%%/ignore.d.server/ssh +%%ETCDIR%%/ignore.d.server/stunnel +%%ETCDIR%%/ignore.d.server/sympa +%%ETCDIR%%/ignore.d.server/syslogd +%%ETCDIR%%/ignore.d.server/tftpd +%%ETCDIR%%/ignore.d.server/thy +%%ETCDIR%%/ignore.d.server/ucd-snmp +%%ETCDIR%%/ignore.d.server/uptimed +%%ETCDIR%%/ignore.d.server/userv +%%ETCDIR%%/ignore.d.server/watchdog +%%ETCDIR%%/ignore.d.server/webmin +%%ETCDIR%%/ignore.d.server/xinetd +%%ETCDIR%%/ignore.d.workstation/automount +%%ETCDIR%%/ignore.d.workstation/bind +%%ETCDIR%%/ignore.d.workstation/bluez-utils +%%ETCDIR%%/ignore.d.workstation/bonobo +%%ETCDIR%%/ignore.d.workstation/francine +%%ETCDIR%%/ignore.d.workstation/gconf +%%ETCDIR%%/ignore.d.workstation/gdm +%%ETCDIR%%/ignore.d.workstation/hald +%%ETCDIR%%/ignore.d.workstation/hcid +%%ETCDIR%%/ignore.d.workstation/ifplugd +%%ETCDIR%%/ignore.d.workstation/ippl +%%ETCDIR%%/ignore.d.workstation/kdm +%%ETCDIR%%/ignore.d.workstation/kernel +%%ETCDIR%%/ignore.d.workstation/logcheck +%%ETCDIR%%/ignore.d.workstation/net-acct +%%ETCDIR%%/ignore.d.workstation/nntpcache +%%ETCDIR%%/ignore.d.workstation/polypaudio +%%ETCDIR%%/ignore.d.workstation/postfix +%%ETCDIR%%/ignore.d.workstation/ppp +%%ETCDIR%%/ignore.d.workstation/proftpd +%%ETCDIR%%/ignore.d.workstation/pump +%%ETCDIR%%/ignore.d.workstation/sendfile +%%ETCDIR%%/ignore.d.workstation/squid +%%ETCDIR%%/ignore.d.workstation/udev +%%ETCDIR%%/ignore.d.workstation/wdm +%%ETCDIR%%/ignore.d.workstation/winbind +%%ETCDIR%%/ignore.d.workstation/xdm +%%ETCDIR%%/logcheck.conf.sample +%%ETCDIR%%/logcheck.logfiles.sample +%%ETCDIR%%/violations.d/kernel +%%ETCDIR%%/violations.d/logcheck +%%ETCDIR%%/violations.d/smartd +%%ETCDIR%%/violations.d/su +%%ETCDIR%%/violations.d/sudo +%%ETCDIR%%/violations.ignore.d/logcheck-bind +%%ETCDIR%%/violations.ignore.d/logcheck-bluez-utils +%%ETCDIR%%/violations.ignore.d/logcheck-courier +%%ETCDIR%%/violations.ignore.d/logcheck-cron-apt +%%ETCDIR%%/violations.ignore.d/logcheck-cyrus +%%ETCDIR%%/violations.ignore.d/logcheck-dcc +%%ETCDIR%%/violations.ignore.d/logcheck-dovecot +%%ETCDIR%%/violations.ignore.d/logcheck-hylafax +%%ETCDIR%%/violations.ignore.d/logcheck-innd +%%ETCDIR%%/violations.ignore.d/logcheck-kernel +%%ETCDIR%%/violations.ignore.d/logcheck-login +%%ETCDIR%%/violations.ignore.d/logcheck-mon +%%ETCDIR%%/violations.ignore.d/logcheck-nagios +%%ETCDIR%%/violations.ignore.d/logcheck-openvpn +%%ETCDIR%%/violations.ignore.d/logcheck-pdns +%%ETCDIR%%/violations.ignore.d/logcheck-postfix +%%ETCDIR%%/violations.ignore.d/logcheck-proftpd +%%ETCDIR%%/violations.ignore.d/logcheck-pureftp +%%ETCDIR%%/violations.ignore.d/logcheck-samba +%%ETCDIR%%/violations.ignore.d/logcheck-saslauthd +%%ETCDIR%%/violations.ignore.d/logcheck-sendmail_tmp +%%ETCDIR%%/violations.ignore.d/logcheck-smartd +%%ETCDIR%%/violations.ignore.d/logcheck-spamd +%%ETCDIR%%/violations.ignore.d/logcheck-squid +%%ETCDIR%%/violations.ignore.d/logcheck-ssh +%%ETCDIR%%/violations.ignore.d/logcheck-su +%%ETCDIR%%/violations.ignore.d/logcheck-sudo +%%ETCDIR%%/violations.ignore.d/logcheck-usb +%%ETCDIR%%/violations.ignore.d/logcheck-winbind +sbin/logcheck +sbin/logtail +%%PORTEXAMPLES%%%%EXAMPLESDIR%%/crontab.in +%%PORTEXAMPLES%%@dirrm %%EXAMPLESDIR%% +@dirrm %%ETCDIR%%/violations.ignore.d +@dirrm %%ETCDIR%%/violations.d +@dirrm %%ETCDIR%%/ignore.d.workstation +@dirrm %%ETCDIR%%/ignore.d.server +@dirrm %%ETCDIR%%/ignore.d.paranoid +@dirrm %%ETCDIR%%/cracking.d +@dirrm %%ETCDIR%% |