aboutsummaryrefslogtreecommitdiff
path: root/security/logcheck
diff options
context:
space:
mode:
authorGreg Larkin <glarkin@FreeBSD.org>2008-09-07 01:31:56 +0000
committerGreg Larkin <glarkin@FreeBSD.org>2008-09-07 01:31:56 +0000
commit6dd443c9f73636f3e76043d8e11d01095fddf657 (patch)
treed4ddb94c50c1bfbb95209f0da67d99ea66b740b2 /security/logcheck
parentfa596a3067e76b84f109884d129d376bbbdf6f87 (diff)
downloadports-6dd443c9f73636f3e76043d8e11d01095fddf657.tar.gz
ports-6dd443c9f73636f3e76043d8e11d01095fddf657.zip
Notes
Diffstat (limited to 'security/logcheck')
-rw-r--r--security/logcheck/Makefile79
-rw-r--r--security/logcheck/distinfo6
-rw-r--r--security/logcheck/files/patch-debian__logcheck.cron.d16
-rw-r--r--security/logcheck/files/patch-etc__logcheck.conf16
-rw-r--r--security/logcheck/files/patch-logcheck.sh10
-rw-r--r--security/logcheck/files/patch-src__logcheck142
-rw-r--r--security/logcheck/files/pkg-deinstall.in33
-rw-r--r--security/logcheck/files/pkg-install.in51
-rw-r--r--security/logcheck/files/pkg-message.in13
-rw-r--r--security/logcheck/pkg-descr13
-rw-r--r--security/logcheck/pkg-plist200
11 files changed, 514 insertions, 65 deletions
diff --git a/security/logcheck/Makefile b/security/logcheck/Makefile
index 10fdabd3587a..605ed57c64e9 100644
--- a/security/logcheck/Makefile
+++ b/security/logcheck/Makefile
@@ -6,45 +6,68 @@
#
PORTNAME= logcheck
-PORTVERSION= 1.1.1
-PORTREVISION= 4
+PORTVERSION= 1.2.54
CATEGORIES= security
-MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
-MASTER_SITE_SUBDIR= sentrytools
+MASTER_SITES= ftp://ftp.debian.org/debian/pool/main/l/logcheck/ \
+ http://ftp.de.debian.org/debian/pool/main/l/logcheck/
+DISTNAME= ${PORTNAME}_${PORTVERSION}
-MAINTAINER= ports@FreeBSD.org
+MAINTAINER= glarkin@FreeBSD.org
COMMENT= Auditing tool for system logs on Unix boxes
-# Install binaries and config files readable to root only
-BINMODE= 700
-SHAREMODE= 600
+BUILD_DEPENDS= docbook-to-man:${PORTSDIR}/textproc/docbook-to-man
+RUN_DEPENDS= lockfile:${PORTSDIR}/mail/procmail \
+ bash:${PORTSDIR}/shells/bash \
+ perl:${PORTSDIR}/lang/perl5
-LOGCHECK_TMP?= /var/run/logcheck
-PLIST_SUB+= LOGCHECK_TMP=${LOGCHECK_TMP}
-
-CONFIG_FILES= logcheck.hacking logcheck.ignore \
- logcheck.violations logcheck.violations.ignore
-DOCS= CREDITS INSTALL README README.how.to.interpret README.keywords
+WRKSRC= ${WRKDIR}/${PORTNAME}-${PORTVERSION}
+BINMODE= 755
+SHAREMODE= 640
+SUB_FILES= pkg-install pkg-deinstall pkg-message
+CONFIG_DIRS= cracking.d ignore.d.paranoid ignore.d.server \
+ ignore.d.workstation violations.d violations.ignore.d
+DOCS= AUTHORS CHANGES CREDITS LICENSE TODO docs/README*
+PORTDOCS= ${DOCS:T}
+MAN8= logcheck.8 logtail.8
do-build:
- cd ${WRKSRC}/src && ${CC} ${CFLAGS} -o logtail logtail.c
- ${REINPLACE_CMD} -e 's!/usr/local/bin/logtail!${PREFIX}/bin/logtail!' \
- -e 's!/usr/local/etc/tmp!${LOGCHECK_TMP}!' \
- -e 's!/usr/local/etc/logcheck!${PREFIX}/etc/logcheck!' \
- ${WRKSRC}/systems/freebsd/logcheck.sh
+ ${REINPLACE_CMD} -e 's!/var/log/syslog!/var/log/messages!' \
+ ${WRKSRC}/etc/logcheck.logfiles
+ ${REINPLACE_CMD} -e 's!/etc/logcheck!/usr/local/etc/logcheck!' \
+ -e 's!/usr/share/doc/logcheck-database/README.logcheck-database.gz!${DOCSDIR}/README.logcheck-database!' \
+ ${WRKSRC}/docs/logcheck.sgml
+ docbook-to-man ${WRKSRC}/docs/logcheck.sgml > ${WRKSRC}/docs/logcheck.8
do-install:
- ${INSTALL_PROGRAM} ${WRKSRC}/src/logtail ${PREFIX}/bin
- ${INSTALL_SCRIPT} ${WRKSRC}/systems/freebsd/logcheck.sh ${PREFIX}/etc
- @${MKDIR} ${EXAMPLESDIR}
-.for f in ${CONFIG_FILES}
- @${INSTALL_DATA} ${WRKSRC}/systems/freebsd/${f} ${PREFIX}/etc/${f}.sample
+ ${INSTALL_SCRIPT} ${WRKSRC}/src/logcheck ${PREFIX}/sbin
+ ${INSTALL_SCRIPT} ${WRKSRC}/src/logtail ${PREFIX}/sbin
+ @PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
+ @${INSTALL} -d /var/lib/logcheck
+ @${INSTALL} -d /var/run/logcheck
+ ${CHOWN} logcheck:logcheck /var/lib/logcheck
+ ${CHOWN} logcheck:logcheck /var/run/logcheck
+ @${INSTALL} -d ${ETCDIR}
+ @${INSTALL_DATA} ${WRKSRC}/etc/logcheck.conf ${ETCDIR}/logcheck.conf.sample
+ @${INSTALL_DATA} ${WRKSRC}/etc/logcheck.logfiles ${ETCDIR}/logcheck.logfiles.sample
+.for i in ${CONFIG_DIRS}
+ @${INSTALL} -d ${ETCDIR}/${i}
+ @${INSTALL_DATA} ${WRKSRC}/rulefiles/linux/${i}/* ${ETCDIR}/${i}
.endfor
- ${TEST} -d ${LOGCHECK_TMP} || ${MKDIR} -m 700 ${LOGCHECK_TMP}
- ${CHOWN} root:wheel ${LOGCHECK_TMP}
+ @${INSTALL} -d ${DOCSDIR}
+.if !defined(NOPORTEXAMPLES)
+ @${INSTALL} -d ${EXAMPLESDIR}
+ @${INSTALL_DATA} ${WRKSRC}/debian/logcheck.cron.d ${EXAMPLESDIR}/crontab.in
+.endif
+ ${CHOWN} -R root:logcheck ${ETCDIR}
+ @PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
+ @${INSTALL_MAN} ${WRKSRC}/docs/*.8 ${MAN8PREFIX}/man/man8
+
+post-install:
.if !defined(NOPORTDOCS)
- @${MKDIR} ${DOCSDIR}
- cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR}
+ @${INSTALL} -d ${DOCSDIR}
+ @cd ${WRKSRC} && ${INSTALL_DATA} ${DOCS} ${DOCSDIR}
+ ${CHMOD} 644 ${DOCSDIR}/*
.endif
+ @${CAT} ${PKGMESSAGE}
.include <bsd.port.mk>
diff --git a/security/logcheck/distinfo b/security/logcheck/distinfo
index cc712aa5ed1e..ecea6b49e342 100644
--- a/security/logcheck/distinfo
+++ b/security/logcheck/distinfo
@@ -1,3 +1,3 @@
-MD5 (logcheck-1.1.1.tar.gz) = e97c2f096e219e20310c1b80e9e1bc29
-SHA256 (logcheck-1.1.1.tar.gz) = dfe4cb29305c619dc0a0aca5b11b2bd397baccf3076b48f03457f66f299ab42e
-SIZE (logcheck-1.1.1.tar.gz) = 30267
+MD5 (logcheck_1.2.54.tar.gz) = bbb6fce8987503d7677441d7154fb598
+SHA256 (logcheck_1.2.54.tar.gz) = a15c177211bbd12cef482a0b8fbdd6d32bc6ff7172f0ec54257ca1c68f921b3a
+SIZE (logcheck_1.2.54.tar.gz) = 141094
diff --git a/security/logcheck/files/patch-debian__logcheck.cron.d b/security/logcheck/files/patch-debian__logcheck.cron.d
new file mode 100644
index 000000000000..7ab3d2b422d7
--- /dev/null
+++ b/security/logcheck/files/patch-debian__logcheck.cron.d
@@ -0,0 +1,16 @@
+--- ./debian/logcheck.cron.d.orig 2006-08-06 19:10:49.000000000 -0400
++++ ./debian/logcheck.cron.d 2008-09-06 19:11:28.000000000 -0400
+@@ -1,9 +1,5 @@
+-# /etc/cron.d/logcheck: crontab entries for the logcheck package
+-
+-PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
++# crontab entries for the logcheck package
++PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
+ MAILTO=root
+-
+-@reboot logcheck if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck -R; fi
+-2 * * * * logcheck if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck; fi
+-
+-# EOF
++@reboot if [ -x /usr/local/sbin/logcheck ]; then nice -n10 /usr/local/sbin/logcheck -R; fi
++2 * * * * if [ -x /usr/local/sbin/logcheck ]; then nice -n10 /usr/local/sbin/logcheck; fi
diff --git a/security/logcheck/files/patch-etc__logcheck.conf b/security/logcheck/files/patch-etc__logcheck.conf
new file mode 100644
index 000000000000..2c294410c95f
--- /dev/null
+++ b/security/logcheck/files/patch-etc__logcheck.conf
@@ -0,0 +1,16 @@
+--- ./etc/logcheck.conf.orig 2006-10-29 02:55:02.000000000 -0500
++++ ./etc/logcheck.conf 2008-09-06 19:11:28.000000000 -0400
+@@ -47,12 +47,7 @@
+ # Controls the base directory for rules file location
+ # This must be an absolute path
+
+-#RULEDIR="/etc/logcheck"
+-
+-# Controls if syslog-summary is run over each section.
+-# Alternatively, set to "1" to enable extra summary.
+-
+-#SYSLOGSUMMARY=0
++#RULEDIR="/usr/local/etc/logcheck"
+
+ # Controls Subject: lines on logcheck reports:
+
diff --git a/security/logcheck/files/patch-logcheck.sh b/security/logcheck/files/patch-logcheck.sh
deleted file mode 100644
index bd71d4e5c58d..000000000000
--- a/security/logcheck/files/patch-logcheck.sh
+++ /dev/null
@@ -1,10 +0,0 @@
---- systems/freebsd/logcheck.sh.dist Mon Nov 1 00:07:29 1999
-+++ systems/freebsd/logcheck.sh Mon Sep 8 06:56:37 2003
-@@ -173,6 +173,7 @@
- # FreeBSD 2.x
- $LOGTAIL /var/log/messages > $TMPDIR/check.$$
- $LOGTAIL /var/log/maillog >> $TMPDIR/check.$$
-+$LOGTAIL /var/log/security >> $TMPDIR/check.$$
-
- # BSDI 2.x
- #$LOGTAIL /var/log/messages > $TMPDIR/check.$$
diff --git a/security/logcheck/files/patch-src__logcheck b/security/logcheck/files/patch-src__logcheck
new file mode 100644
index 000000000000..faf0954ce518
--- /dev/null
+++ b/security/logcheck/files/patch-src__logcheck
@@ -0,0 +1,142 @@
+--- ./src/logcheck.orig 2007-01-16 01:13:27.000000000 -0500
++++ ./src/logcheck 2008-09-06 19:11:28.000000000 -0400
+@@ -1,4 +1,4 @@
+-#!/bin/bash
++#!/usr/local/bin/bash
+ #
+ # Copyright (C) 2004-2006 Debian Logcheck Team
+ # <logcheck-devel@alioth.lists.debian.org>
+@@ -26,17 +26,10 @@
+
+ if [ $UID == 0 ]; then
+ echo "logcheck should not be run as root. Use su to invoke logcheck:"
+- echo "su -s /bin/bash -c \"/usr/sbin/logcheck${@:+ $@}\" logcheck"
++ echo "su logcheck -c \"/usr/local/bin/bash /usr/local/sbin/logcheck${@:+ $@}\""
+ echo "Or use sudo: sudo -u logcheck logcheck${@:+ $@}."
+ # you may want to uncomment that hack to let logcheck invoke itself.
+- # su -s /bin/bash -c "$0 $*" logcheck
+- exit 1
+-fi
+-
+-if [ ! -f /usr/bin/lockfile-create -o \
+- ! -f /usr/bin/lockfile-remove -o \
+- ! -f /usr/bin/lockfile-touch ]; then
+- echo "fatal: lockfile-progs is a prerequisite for logcheck, and was not found."
++ # su -s /usr/local/bin/bash -c "$0 $*" logcheck
+ exit 1
+ fi
+
+@@ -68,12 +61,12 @@
+ ADDTAG="no"
+
+ # Set the default paths
+-RULEDIR="/etc/logcheck"
+-CONFFILE="/etc/logcheck/logcheck.conf"
++RULEDIR="/usr/local/etc/logcheck"
++CONFFILE="/usr/local/etc/logcheck/logcheck.conf"
+ STATEDIR="/var/lib/logcheck"
+-LOGFILES_LIST="/etc/logcheck/logcheck.logfiles"
+-LOGFILE_FALLBACK="/var/log/syslog"
+-LOGTAIL="/usr/sbin/logtail"
++LOGFILES_LIST="/usr/local/etc/logcheck/logcheck.logfiles"
++LOGFILE_FALLBACK="/var/log/messages"
++LOGTAIL="/usr/local/sbin/logtail"
+ CAT="/bin/cat"
+ SYSLOG_SUMMARY="/usr/bin/syslog-summary"
+
+@@ -87,20 +80,15 @@
+ SORTUNIQ=0
+ SUPPORT_CRACKING_IGNORE=0
+ SYSLOGSUMMARY=0
+-LOCKDIR=/var/lock/logcheck
++LOCKDIR=/var/run/logcheck
+ LOCKFILE="$LOCKDIR/logcheck"
+
+ # Carry out the clean up tasks
+ cleanup() {
+
+- if [ -n "$LOCK" ]; then
+- debug "cleanup: Killing lockfile-touch - $LOCK"
+- kill $LOCK && unset LOCK
+- fi
+-
+- if [ -f "$LOCKFILE.lock" ]; then
+- debug "cleanup: Removing lockfile: $LOCKFILE.lock"
+- lockfile-remove $LOCKFILE
++ if [ -f "$LOCKFILE" ]; then
++ debug "cleanup: Removing lockfile: $LOCKFILE"
++ rm -f $LOCKFILE
+ fi
+
+ if [ -d $TMPDIR ]; then
+@@ -142,14 +130,9 @@
+ if [ "$2" = "noclean" ]; then
+ debug "error: Not removing lockfile"
+ else
+- if [ -n "$LOCK" ]; then
+- debug "error: Killing lockfile-touch - $LOCK"
+- kill $LOCK && unset LOCK
+- fi
+-
+- if [ -f "$LOCKFILE.lock" ]; then
+- debug "error: Removing lockfile: $LOCKFILE.lock"
+- lockfile-remove $LOCKFILE
++ if [ -f "$LOCKFILE" ]; then
++ debug "error: Removing lockfile: $LOCKFILE"
++ rm -f $LOCKFILE
+ fi
+
+ fi
+@@ -212,8 +195,7 @@
+ mkdir $cleaned \
+ || error "Could not make dir $cleaned for cleaned rulefiles."
+ fi
+- for rulefile in $(run-parts --list $dir); do
+- rulefile=$(basename $rulefile)
++ for rulefile in $(ls -1R $dir); do
+ if [ -f ${dir}/${rulefile} ]; then
+ debug "cleanrules: ${dir}/${rulefile}"
+ if [ -r ${dir}/${rulefile} ]; then
+@@ -544,9 +526,9 @@
+
+ # Hostname either fully qualified or not.
+ if [ $FQDN -eq 1 ]; then
+- HOSTNAME="$(hostname --fqdn)" > /dev/null 2>&1
++ HOSTNAME="$(hostname -f)" > /dev/null 2>&1
+ else
+- HOSTNAME="$(hostname --short)" > /dev/null 2>&1
++ HOSTNAME="$(hostname -s)" > /dev/null 2>&1
+ fi
+
+ # Now check for the other options
+@@ -625,25 +607,21 @@
+
+ trap 'cleanup' 0
+
+-debug "Trying to get lockfile: $LOCKFILE.lock"
++debug "Trying to get lockfile: $LOCKFILE"
+ if [ ! -d $LOCKDIR ]; then
+ mkdir -m 0755 $LOCKDIR
+ fi
+-lockfile-create --retry 1 $LOCKFILE > /dev/null 2>&1
++lockfile -r 1 $LOCKFILE > /dev/null 2>&1
+
+
+ if [ $? -eq 1 ]; then
+ trap 0
+- error "Failed to get lockfile: $LOCKFILE.lock" "noclean"
+-else
+- debug "Running lockfile-touch $LOCKFILE.lock"
+- lockfile-touch $LOCKFILE &
+- LOCK="$!"
++ error "Failed to get lockfile: $LOCKFILE" "noclean"
+ fi
+
+ # Create the secure temporary directory or exit
+-TMPDIR=$(mktemp -d -p /tmp logcheck.XXXXXX) \
+- || TMPDIR=$(mktemp -d -p /var/tmp logcheck.XXXXXX) \
++TMPDIR=$(mktemp -d /tmp/logcheck.XXXXXX) \
++ || TMPDIR=$(mktemp -d /var/tmp/logcheck.XXXXXX) \
+ || error "Could not create temporary directory"
+
+ # Now clean the rulefiles in the directories
diff --git a/security/logcheck/files/pkg-deinstall.in b/security/logcheck/files/pkg-deinstall.in
new file mode 100644
index 000000000000..da113018941a
--- /dev/null
+++ b/security/logcheck/files/pkg-deinstall.in
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+user="logcheck"
+group="logcheck"
+configfiles="logcheck.conf logcheck.logfiles"
+
+case $2 in
+DEINSTALL)
+ for f in ${configfiles}; do
+ if diff %%PREFIX%%/etc/logcheck/${f} %%PREFIX%%/etc/logcheck/${f}.sample > /dev/null; then
+ echo "---> ${f} configuration file is the same as ${f}.sample"
+ rm -f %%PREFIX%%/etc/logcheck/${f}
+ echo "---> Deleted %%PREFIX%%/etc/logcheck/${f}"
+ else
+ echo "---> %%PREFIX%%/etc/logcheck/${f} differs from sample file; not deleted"
+ fi
+ done
+;;
+POST-DEINSTALL)
+ if /usr/bin/crontab -u "${user}" -l > /dev/null 2>&1; then
+ rm -f /var/cron/tabs/${user}
+ echo "---> Removed crontab for \"${user}\"."
+ fi
+
+ if pw user show ${user} > /dev/null 2>&1; then
+ pw user del ${user}
+ echo "---> Removed user \"${user}\" and group \"${group}\"."
+ fi
+ if pw group show ${group} > /dev/null 2>&1; then
+ pw group del ${group}
+ fi
+;;
+esac
diff --git a/security/logcheck/files/pkg-install.in b/security/logcheck/files/pkg-install.in
new file mode 100644
index 000000000000..4186b190eb42
--- /dev/null
+++ b/security/logcheck/files/pkg-install.in
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+user="logcheck"
+group="logcheck"
+descr="Logcheck system account"
+homedir="/var/lib/logcheck"
+shell="/usr/bin/false"
+configfiles="logcheck.conf logcheck.logfiles"
+
+case $2 in
+PRE-INSTALL)
+ if pw group show ${group} > /dev/null 2>&1; then
+ echo "---> You already have a group \"${group}\", so I will use it."
+ else
+ pw group add "${group}"
+ echo "---> Created group \"${group}\"."
+ fi
+ if pw user show ${user} > /dev/null 2>&1; then
+ echo "---> You already have a user \"${user}\", so I will use it."
+ else
+ pw user add -n logcheck -c "${descr}" -d "${homedir}" -s "${shell}" -g logcheck -G wheel
+ echo "---> Created user \"${user}\"."
+ fi
+;;
+POST-INSTALL)
+ if [ -f %%EXAMPLESDIR%%/crontab.in ] ; then
+ if /usr/bin/crontab -u "${user}" -l >/tmp/logchecktab$$ 2>&1 ; then
+ if test -s /tmp/logchecktab$$; then
+ echo "---> \"${user}\" already has a crontab. Not overwriting it"
+ echo "---> Please merge any changes from the standard crontab file"
+ echo "---> %%EXAMPLESDIR%%/crontab.in"
+ else
+ /usr/bin/crontab -u "${user}" "%%EXAMPLESDIR%%/crontab.in" || exit 1
+ echo "---> Installed crontab(5) file for user \"${user}\""
+ fi
+ else
+ /usr/bin/crontab -u "${user}" "%%EXAMPLESDIR%%/crontab.in" || exit 1
+ echo "---> Created crontab(5) file for user \"${user}\""
+ fi
+ rm -f /tmp/logchecktab$$
+ fi
+
+ for f in ${configfiles}; do
+ if [ ! -e %%PREFIX%%/etc/logcheck/${f} ]; then
+ echo "---> It seems you have no previous version of %%PREFIX%%/etc/logcheck/${f}"
+ cp %%PREFIX%%/etc/logcheck/${f}.sample %%PREFIX%%/etc/logcheck/${f}
+ echo "---> Created one from ${f}.sample"
+ fi
+ done
+;;
+esac
diff --git a/security/logcheck/files/pkg-message.in b/security/logcheck/files/pkg-message.in
new file mode 100644
index 000000000000..2879b0aa129e
--- /dev/null
+++ b/security/logcheck/files/pkg-message.in
@@ -0,0 +1,13 @@
+----------------------------------------------------------------------------
+Please make sure that all files listed in
+
+ %%PREFIX%%/etc/logcheck/logcheck.logfiles
+
+are readable to 'wheel' group (see also /etc/newsyslog.conf), or remove
+them from the aforementioned logcheck configuration file.
+
+For information on how to write local rulesets see
+
+ %%PREFIX%%/share/doc/logcheck/README.logcheck-database
+
+----------------------------------------------------------------------------
diff --git a/security/logcheck/pkg-descr b/security/logcheck/pkg-descr
index 71abf6ac953e..4fff03433ee4 100644
--- a/security/logcheck/pkg-descr
+++ b/security/logcheck/pkg-descr
@@ -1,10 +1,7 @@
-Logcheck helps spot problems and security violations in your logfiles
-automatically and will send the results to you in e-mail.
+Mails anomalies in the system logfiles to the administrator.
-It is a program created to help in the processing of UNIX system logfiles
-generated by the various system daemons. Logcheck also works very well at
-reporting on other common operating system security violations and strange
-events.
+Logcheck helps spot problems, anomalies and security violations
+in your logfiles automatically and will send the summaries to you
+via e-mail. Logcheck is run as a cron job.
-- Dan Langille
-dan@freebsddiary.org
+WWW: http://alioth.debian.org/projects/logcheck/
diff --git a/security/logcheck/pkg-plist b/security/logcheck/pkg-plist
index 55ac237872d2..e990d28f7e75 100644
--- a/security/logcheck/pkg-plist
+++ b/security/logcheck/pkg-plist
@@ -1,16 +1,184 @@
-@comment $FreeBSD$
-bin/logtail
-@exec test -d %%LOGCHECK_TMP%% || mkdir -m 700 %%LOGCHECK_TMP%% && chown root:wheel %%LOGCHECK_TMP%%
-@unexec rmdir %%LOGCHECK_TMP%% 2>/dev/null || true
-etc/logcheck.hacking.sample
-etc/logcheck.ignore.sample
-etc/logcheck.sh
-etc/logcheck.violations.ignore.sample
-etc/logcheck.violations.sample
-%%PORTDOCS%%%%DOCSDIR%%/CREDITS
-%%PORTDOCS%%%%DOCSDIR%%/INSTALL
-%%PORTDOCS%%%%DOCSDIR%%/README
-%%PORTDOCS%%%%DOCSDIR%%/README.how.to.interpret
-%%PORTDOCS%%%%DOCSDIR%%/README.keywords
-%%PORTDOCS%%@dirrm %%DOCSDIR%%
-@dirrm %%EXAMPLESDIR%%
+%%ETCDIR%%/cracking.d/logcheck
+%%ETCDIR%%/cracking.d/smartd
+%%ETCDIR%%/ignore.d.paranoid/bind
+%%ETCDIR%%/ignore.d.paranoid/cron
+%%ETCDIR%%/ignore.d.paranoid/logcheck
+%%ETCDIR%%/ignore.d.paranoid/postfix
+%%ETCDIR%%/ignore.d.paranoid/ppp
+%%ETCDIR%%/ignore.d.paranoid/qpopper
+%%ETCDIR%%/ignore.d.paranoid/squid
+%%ETCDIR%%/ignore.d.paranoid/ssh
+%%ETCDIR%%/ignore.d.paranoid/stunnel
+%%ETCDIR%%/ignore.d.paranoid/sysklogd
+%%ETCDIR%%/ignore.d.paranoid/telnetd
+%%ETCDIR%%/ignore.d.paranoid/tripwire
+%%ETCDIR%%/ignore.d.server/amandad
+%%ETCDIR%%/ignore.d.server/anacron
+%%ETCDIR%%/ignore.d.server/anon-proxy
+%%ETCDIR%%/ignore.d.server/apache
+%%ETCDIR%%/ignore.d.server/arpwatch
+%%ETCDIR%%/ignore.d.server/automount
+%%ETCDIR%%/ignore.d.server/bind
+%%ETCDIR%%/ignore.d.server/bluez-utils
+%%ETCDIR%%/ignore.d.server/courier
+%%ETCDIR%%/ignore.d.server/cpqarrayd
+%%ETCDIR%%/ignore.d.server/cpufreqd
+%%ETCDIR%%/ignore.d.server/cracklib
+%%ETCDIR%%/ignore.d.server/cron
+%%ETCDIR%%/ignore.d.server/cron-apt
+%%ETCDIR%%/ignore.d.server/cups-lpd
+%%ETCDIR%%/ignore.d.server/cvs-pserver
+%%ETCDIR%%/ignore.d.server/cvsd
+%%ETCDIR%%/ignore.d.server/cyrus
+%%ETCDIR%%/ignore.d.server/dcc
+%%ETCDIR%%/ignore.d.server/dhclient
+%%ETCDIR%%/ignore.d.server/dhcp
+%%ETCDIR%%/ignore.d.server/dictd
+%%ETCDIR%%/ignore.d.server/dkfilter
+%%ETCDIR%%/ignore.d.server/dnsmasq
+%%ETCDIR%%/ignore.d.server/dovecot
+%%ETCDIR%%/ignore.d.server/dspam
+%%ETCDIR%%/ignore.d.server/epmd
+%%ETCDIR%%/ignore.d.server/exim4
+%%ETCDIR%%/ignore.d.server/gps
+%%ETCDIR%%/ignore.d.server/grinch
+%%ETCDIR%%/ignore.d.server/horde3
+%%ETCDIR%%/ignore.d.server/hplip
+%%ETCDIR%%/ignore.d.server/hylafax
+%%ETCDIR%%/ignore.d.server/imap
+%%ETCDIR%%/ignore.d.server/imapproxy
+%%ETCDIR%%/ignore.d.server/imp
+%%ETCDIR%%/ignore.d.server/imp4
+%%ETCDIR%%/ignore.d.server/innd
+%%ETCDIR%%/ignore.d.server/ipppd
+%%ETCDIR%%/ignore.d.server/isdnlog
+%%ETCDIR%%/ignore.d.server/isdnutils
+%%ETCDIR%%/ignore.d.server/jabberd
+%%ETCDIR%%/ignore.d.server/kernel
+%%ETCDIR%%/ignore.d.server/logcheck
+%%ETCDIR%%/ignore.d.server/lpr
+%%ETCDIR%%/ignore.d.server/maradns
+%%ETCDIR%%/ignore.d.server/mldonkey-server
+%%ETCDIR%%/ignore.d.server/mon
+%%ETCDIR%%/ignore.d.server/nagios
+%%ETCDIR%%/ignore.d.server/netconsole
+%%ETCDIR%%/ignore.d.server/nfs
+%%ETCDIR%%/ignore.d.server/nntpcache
+%%ETCDIR%%/ignore.d.server/nscd
+%%ETCDIR%%/ignore.d.server/ntp
+%%ETCDIR%%/ignore.d.server/oidentd
+%%ETCDIR%%/ignore.d.server/openvpn
+%%ETCDIR%%/ignore.d.server/pdns
+%%ETCDIR%%/ignore.d.server/perdition
+%%ETCDIR%%/ignore.d.server/policyd
+%%ETCDIR%%/ignore.d.server/popa3d
+%%ETCDIR%%/ignore.d.server/postfix
+%%ETCDIR%%/ignore.d.server/postfix-policyd
+%%ETCDIR%%/ignore.d.server/ppp
+%%ETCDIR%%/ignore.d.server/pptpd
+%%ETCDIR%%/ignore.d.server/proftpd
+%%ETCDIR%%/ignore.d.server/pure-ftpd
+%%ETCDIR%%/ignore.d.server/qpopper
+%%ETCDIR%%/ignore.d.server/rbldnsd
+%%ETCDIR%%/ignore.d.server/rpc_statd
+%%ETCDIR%%/ignore.d.server/rsnapshot
+%%ETCDIR%%/ignore.d.server/rsync
+%%ETCDIR%%/ignore.d.server/sa-exim
+%%ETCDIR%%/ignore.d.server/samba
+%%ETCDIR%%/ignore.d.server/saned
+%%ETCDIR%%/ignore.d.server/saslauthd
+%%ETCDIR%%/ignore.d.server/scponly
+%%ETCDIR%%/ignore.d.server/slapd
+%%ETCDIR%%/ignore.d.server/smartd
+%%ETCDIR%%/ignore.d.server/smokeping
+%%ETCDIR%%/ignore.d.server/snmpd
+%%ETCDIR%%/ignore.d.server/snort
+%%ETCDIR%%/ignore.d.server/spamc
+%%ETCDIR%%/ignore.d.server/spamd
+%%ETCDIR%%/ignore.d.server/squid
+%%ETCDIR%%/ignore.d.server/ssh
+%%ETCDIR%%/ignore.d.server/stunnel
+%%ETCDIR%%/ignore.d.server/sympa
+%%ETCDIR%%/ignore.d.server/syslogd
+%%ETCDIR%%/ignore.d.server/tftpd
+%%ETCDIR%%/ignore.d.server/thy
+%%ETCDIR%%/ignore.d.server/ucd-snmp
+%%ETCDIR%%/ignore.d.server/uptimed
+%%ETCDIR%%/ignore.d.server/userv
+%%ETCDIR%%/ignore.d.server/watchdog
+%%ETCDIR%%/ignore.d.server/webmin
+%%ETCDIR%%/ignore.d.server/xinetd
+%%ETCDIR%%/ignore.d.workstation/automount
+%%ETCDIR%%/ignore.d.workstation/bind
+%%ETCDIR%%/ignore.d.workstation/bluez-utils
+%%ETCDIR%%/ignore.d.workstation/bonobo
+%%ETCDIR%%/ignore.d.workstation/francine
+%%ETCDIR%%/ignore.d.workstation/gconf
+%%ETCDIR%%/ignore.d.workstation/gdm
+%%ETCDIR%%/ignore.d.workstation/hald
+%%ETCDIR%%/ignore.d.workstation/hcid
+%%ETCDIR%%/ignore.d.workstation/ifplugd
+%%ETCDIR%%/ignore.d.workstation/ippl
+%%ETCDIR%%/ignore.d.workstation/kdm
+%%ETCDIR%%/ignore.d.workstation/kernel
+%%ETCDIR%%/ignore.d.workstation/logcheck
+%%ETCDIR%%/ignore.d.workstation/net-acct
+%%ETCDIR%%/ignore.d.workstation/nntpcache
+%%ETCDIR%%/ignore.d.workstation/polypaudio
+%%ETCDIR%%/ignore.d.workstation/postfix
+%%ETCDIR%%/ignore.d.workstation/ppp
+%%ETCDIR%%/ignore.d.workstation/proftpd
+%%ETCDIR%%/ignore.d.workstation/pump
+%%ETCDIR%%/ignore.d.workstation/sendfile
+%%ETCDIR%%/ignore.d.workstation/squid
+%%ETCDIR%%/ignore.d.workstation/udev
+%%ETCDIR%%/ignore.d.workstation/wdm
+%%ETCDIR%%/ignore.d.workstation/winbind
+%%ETCDIR%%/ignore.d.workstation/xdm
+%%ETCDIR%%/logcheck.conf.sample
+%%ETCDIR%%/logcheck.logfiles.sample
+%%ETCDIR%%/violations.d/kernel
+%%ETCDIR%%/violations.d/logcheck
+%%ETCDIR%%/violations.d/smartd
+%%ETCDIR%%/violations.d/su
+%%ETCDIR%%/violations.d/sudo
+%%ETCDIR%%/violations.ignore.d/logcheck-bind
+%%ETCDIR%%/violations.ignore.d/logcheck-bluez-utils
+%%ETCDIR%%/violations.ignore.d/logcheck-courier
+%%ETCDIR%%/violations.ignore.d/logcheck-cron-apt
+%%ETCDIR%%/violations.ignore.d/logcheck-cyrus
+%%ETCDIR%%/violations.ignore.d/logcheck-dcc
+%%ETCDIR%%/violations.ignore.d/logcheck-dovecot
+%%ETCDIR%%/violations.ignore.d/logcheck-hylafax
+%%ETCDIR%%/violations.ignore.d/logcheck-innd
+%%ETCDIR%%/violations.ignore.d/logcheck-kernel
+%%ETCDIR%%/violations.ignore.d/logcheck-login
+%%ETCDIR%%/violations.ignore.d/logcheck-mon
+%%ETCDIR%%/violations.ignore.d/logcheck-nagios
+%%ETCDIR%%/violations.ignore.d/logcheck-openvpn
+%%ETCDIR%%/violations.ignore.d/logcheck-pdns
+%%ETCDIR%%/violations.ignore.d/logcheck-postfix
+%%ETCDIR%%/violations.ignore.d/logcheck-proftpd
+%%ETCDIR%%/violations.ignore.d/logcheck-pureftp
+%%ETCDIR%%/violations.ignore.d/logcheck-samba
+%%ETCDIR%%/violations.ignore.d/logcheck-saslauthd
+%%ETCDIR%%/violations.ignore.d/logcheck-sendmail_tmp
+%%ETCDIR%%/violations.ignore.d/logcheck-smartd
+%%ETCDIR%%/violations.ignore.d/logcheck-spamd
+%%ETCDIR%%/violations.ignore.d/logcheck-squid
+%%ETCDIR%%/violations.ignore.d/logcheck-ssh
+%%ETCDIR%%/violations.ignore.d/logcheck-su
+%%ETCDIR%%/violations.ignore.d/logcheck-sudo
+%%ETCDIR%%/violations.ignore.d/logcheck-usb
+%%ETCDIR%%/violations.ignore.d/logcheck-winbind
+sbin/logcheck
+sbin/logtail
+%%PORTEXAMPLES%%%%EXAMPLESDIR%%/crontab.in
+%%PORTEXAMPLES%%@dirrm %%EXAMPLESDIR%%
+@dirrm %%ETCDIR%%/violations.ignore.d
+@dirrm %%ETCDIR%%/violations.d
+@dirrm %%ETCDIR%%/ignore.d.workstation
+@dirrm %%ETCDIR%%/ignore.d.server
+@dirrm %%ETCDIR%%/ignore.d.paranoid
+@dirrm %%ETCDIR%%/cracking.d
+@dirrm %%ETCDIR%%