Arch Linux

Asher256

Member

Registered: 2006-11-13

Posts: 7

[NEW] logcheck

Hi,

Logcheck is now available in AUR

It's a simple utility which is designed to allow a system administrator to view the logfiles which are produced upon hosts under their control.

Please report any suggestion, problem, etc.

Last edited by Asher256 (2007-02-13 10:23:10)

morellik

Member

From: Italy

Registered: 2007-04-05

Posts: 43

Re: [NEW] logcheck

I have a problem using logcheck.

In line 215 of /usr/sbin/logcheck, the program calls run-parts that doesn't exist.
Changing it with run-parts.logcheck all works fine.

A bug or my problem?

morellik

awagner

Member

From: Mainz, Germany

Registered: 2007-08-24

Posts: 191

Re: [NEW] logcheck

I'd suggest making a package debianutils which contains run-parts (and not include it as a binary file in the logcheck package, which is against the AUR guidelines AFAIU):

# Contributor: Andreas Wagner <A dot Wagner at stud dot uni-frankfurt dot de>
pkgname=debianutils
pkgver=2.28
pkgrel=1
pkgdesc="Misc. Utilities: run-parts, savelog, tempfile, add-shell"
url="http://packages.qa.debian.org/d/debianutils.html"
license="GPL"
arch=('i686' 'x86_64') 
source=(http://ftp.debian.org/debian/pool/main/d/{pkgname}/${pkgname}_${pkgver}.tar.gz)

build() {
  cd $startdir/src/$pkgname-$pkgver
  ./configure --prefix=/usr || return 1
  make || return 1
  install -d -m 755 $startdir/pkg/usr/{bin,sbin}
  install -d -m 755 $startdir/pkg/usr/man/{man1,man8}
  install -D -m 755 $startdir/src/$pkgname-$pkgver/add-shell $startdir/pkg/usr/sbin
  install -D -m 644 $startdir/src/$pkgname-$pkgver/add-shell.8 $startdir/pkg/usr/man/man8
#  install -D -m 755 $startdir/src/$pkgname-$pkgver/install-kernel $startdir/pkg/usr/sbin
#  install -D -m 644 $startdir/src/$pkgname-$pkgver/install-kernel.8 $startdir/pkg/usr/man/man8
#  install -D -m 755 $startdir/src/$pkgname-$pkgver/mkboot $startdir/pkg/usr/sbin
#  install -D -m 644 $startdir/src/$pkgname-$pkgver/mkboot.8 $startdir/pkg/usr/man/man8
  install -D -m 755 $startdir/src/$pkgname-$pkgver/remove-shell $startdir/pkg/usr/sbin
  install -D -m 644 $startdir/src/$pkgname-$pkgver/remove-shell.8 $startdir/pkg/usr/man/man8
  install -D -m 755 $startdir/src/$pkgname-$pkgver/run-parts $startdir/pkg/usr/bin
  install -D -m 644 $startdir/src/$pkgname-$pkgver/run-parts.8 $startdir/pkg/usr/man/man8
  install -D -m 755 $startdir/src/$pkgname-$pkgver/savelog $startdir/pkg/usr/bin
  install -D -m 644 $startdir/src/$pkgname-$pkgver/savelog.8 $startdir/pkg/usr/man/man8
  install -D -m 755 $startdir/src/$pkgname-$pkgver/sensible-browser $startdir/pkg/usr/bin
  install -D -m 755 $startdir/src/$pkgname-$pkgver/sensible-editor $startdir/pkg/usr/bin
  install -D -m 755 $startdir/src/$pkgname-$pkgver/sensible-pager $startdir/pkg/usr/bin
  install -D -m 644 $startdir/src/$pkgname-$pkgver/sensible-editor.1 $startdir/pkg/usr/man/man1
  install -D -m 755 $startdir/src/$pkgname-$pkgver/tempfile $startdir/pkg/usr/bin
  install -D -m 644 $startdir/src/$pkgname-$pkgver/tempfile.1 $startdir/pkg/usr/man/man1
#  install -D -m 755 $startdir/src/$pkgname-$pkgver/which $startdir/pkg/usr/bin
#  install -D -m 644 $startdir/src/$pkgname-$pkgver/which.1 $startdir/pkg/usr/man/man1
#  make DESTDIR=$startdir/pkg install || return 1
}

md5sums=('c68fa4d9e234951358c4f5b9f780ea12')

and then include debianutils as a dependency. Here's my updated PKGBUILD:

# Contributor: Andreas Wagner <A dot Wagner at stud dot uni-frankfurt dot de>

pkgname=logcheck
pkgver=1.2.63
pkgrel=1
pkgdesc="mails anomalies in the system logfiles to the administrator"
license=GPL
arch=(i686 x86_64)
url="http://logcheck.org"
depends=('glibc' 'cron' 'shadow' 'grep' 'smtp-server' 'logger' 'mailx' 'perl>=5.8.0' 'lockfile-progs' 'debianutils')
makedepends=()
install="$pkgname.install"
backup=(etc/logcheck/logcheck.conf etc/logcheck/logcheck.logfiles)
source=(http://ftp.debian.org/debian/pool/main/l/logcheck/${pkgname}_${pkgver}.tar.gz
        http://logcheck.org/docs/logcheck.8)
        
build() {
    cd $startdir/src

    cd $pkgname-$pkgver
    make install DESTDIR=$startdir/pkg || return 1

#    install -m 755 -d $startdir/pkg/etc/logcheck

#    # sbin
#    install -m 755 -d $startdir/pkg/usr/sbin
#    install -s -m 755 $startdir/run-parts $startdir/pkg/usr/sbin/run-parts.logcheck

#    # fix perms
#    find $startdir/pkg/etc -type d -exec chmod 755 {} \;
#    find $startdir/pkg/etc -type f -exec chmod 644 {} \;
#    find $startdir/pkg/etc -type d -name '*.d*' -exec chmod 755 {}/* \; >/dev/null 2>&1

#    # delete all empty directories
#    rmdir $startdir/pkg/etc/logcheck/cracking.ignore.d
#    rm -fr $startdir/pkg/var

    # man
    install -d -m 755 $startdir/pkg/usr/man/man8
    install -m 644 docs/logtail.8       $startdir/pkg/usr/man/man8
    install -m 644 $startdir/logcheck.8 $startdir/pkg/usr/man/man8

    # mail header
    install -m 644 debian/header.txt $startdir/pkg/etc/logcheck

    # logfiles entries
    sed -i -e 's/\/var\/log\/syslog$/\/var\/log\/syslog.log/' $startdir/pkg/etc/logcheck/logcheck.logfiles
    echo "/var/log/messages.log" >> $startdir/pkg/etc/logcheck/logcheck.logfiles
    echo "/var/log/kernel.log" >> $startdir/pkg/etc/logcheck/logcheck.logfiles
    echo "/var/log/mail.log" >> $startdir/pkg/etc/logcheck/logcheck.logfiles
    echo "/var/log/pacman.log" >> $startdir/pkg/etc/logcheck/logcheck.logfiles
    echo "/var/log/user.log" >> $startdir/pkg/etc/logcheck/logcheck.logfiles

    # cron entry
    install -m 755 -d $startdir/pkg/etc/cron.hourly
    cronfile="$startdir/pkg/etc/cron.hourly/logcheck"
    echo "#!/bin/bash" > $cronfile
    echo 'if [ -x /usr/sbin/logcheck ]; then nice -n 10 su -s /bin/bash -c "/usr/sbin/logcheck >/dev/null 2>&1" logcheck; fi' >> $cronfi
    chmod 755 $cronfile
}

md5sums=('356f4cba335ee305fce15766d3440738'
         'a9d8c93ecc12d61b0e87bf07ed951ac8')

and logcheck.install:

# arg 1:  the new package version
post_install() {
    
    # Add logcheck user
    # check for logcheck user or bad version without home
    if ! getent passwd logcheck > /dev/null; then
        adduser --quiet --system --home /var/lib/logcheck --no-create-home \
            --group logcheck ||true
    fi

    # give logcheck system user a real name unless it has one.
    if [ -z "$(getent passwd logcheck | cut -d: -f5)" ]; then
        chfn -f 'logcheck system account' logcheck
    fi

    # check for logcheck group in case account exists without group
    if ! getent group logcheck >/dev/null; then
        addgroup --system logcheck
        usermod -g logcheck logcheck
    fi  

    # make sure the home directory exists
    if [ ! -d "$(getent passwd logcheck | cut -d: -f6)" ]; then
        usermod -d /var/lib/logcheck logcheck > /dev/null || true
    fi

    # check for logcheck in adm group
    if ! getent group adm | grep logcheck > /dev/null; then
        adduser --quiet logcheck adm || true
    fi  

    # check for logcheck in log group
    if ! getent group log | grep logcheck > /dev/null; then
        adduser --quiet logcheck log || true
    fi  

    # add logcheck to /etc/aliases
    if [ -f /etc/aliases ] || [ -L /etc/aliases ]; then
        if ! grep -qi "^logcheck[[:space:]]*:" /etc/aliases; then
            echo "logcheck: root" >> /etc/aliases
            test -x "$(command -v newaliases)" && newaliases || :
        fi
    fi

    # add logcheck to /etc/postfix/aliases
    aliases="/etc/postfix/aliases"
    if [ -f $aliases ] || [ -L $aliases ]; then
        if ! grep -qi "^logcheck[[:space:]]*:" $aliases; then
            echo "logcheck: root" >> $aliases
            test -x "`command -v newaliases`" && newaliases || :
        fi
    fi

#    # directories
#    mkdir -p /etc/logcheck/cracking.ignore.d
#    mkdir -p /var/lib/logcheck /var/lock/logcheck
#
    # permissions
    chown -R logcheck:logcheck /etc/logcheck /var/lock/logcheck /var/lib/logcheck || true
    chmod 750 /etc/logcheck
    chmod 755 /var/lock/logcheck
}

# arg 1:  the new package version
# arg 2:  the old package version
post_upgrade() {
    post_install $1
    usermod -G log logcheck
}

# arg 1:  the old package version
pre_remove() {
    userdel logcheck &> /dev/null
    groupdel logcheck &> /dev/null
    
    rmdir --ignore-fail-on-non-empty /etc/logcheck/cracking.ignore.d
    rmdir --ignore-fail-on-non-empty /var/lib/logcheck /var/lock/logcheck
}

op=$1
shift

$op $*

I've merged much of the previous PKGBUILD/install file with the debian postinstall routine and cleaned it up a bit. I am not all too sure about it, tho, so I've left in most of the stuff by Asher and have just commented it out.

Also, I'm a bit hesitant to put up the debianutils pkg on AUR. Whatcha think, is there much interest in either debianutils and/or logcheck (and how about the lockfile-progs/liblockfile dependencies)?

Andreas

awagner

Member

From: Mainz, Germany

Registered: 2007-08-24

Posts: 191

Re: [NEW] logcheck

...ahem. I just found out that the adduser command didn't work as expected, this one seems to do:

logcheck.install:

# arg 1:  the new package version
post_install() {
    
    # check for logcheck group in case account exists without group
    if ! getent group logcheck >/dev/null; then
        groupadd logcheck
    fi  

    # Add logcheck user
    # check for logcheck user or bad version without home
    if ! getent passwd logcheck > /dev/null; then
        useradd --home /var/log/logcheck -g logcheck --groups log,adm logcheck || true 
    fi

    # give logcheck system user a real name unless it has one.
    if [ -z "$(getent passwd logcheck | cut -d: -f5)" ]; then
        chfn -f 'logcheck system account' logcheck
    fi

    # make sure the home directory exists
    if [ ! -d "$(getent passwd logcheck | cut -d: -f6)" ]; then
        usermod -d /var/lib/logcheck logcheck > /dev/null || true
    fi

    # add logcheck to /etc/aliases
    if [ -f /etc/aliases ] || [ -L /etc/aliases ]; then
        if ! grep -qi "^logcheck[[:space:]]*:" /etc/aliases; then
            echo "logcheck: root" >> /etc/aliases
            test -x "$(command -v newaliases)" && newaliases || :
        fi
    fi

    # add logcheck to /etc/postfix/aliases
    aliases="/etc/postfix/aliases"
    if [ -f $aliases ] || [ -L $aliases ]; then
        if ! grep -qi "^logcheck[[:space:]]*:" $aliases; then
            echo "logcheck: root" >> $aliases
            test -x "`command -v newaliases`" && newaliases || :
        fi
    fi

    # permissions
    chown -R logcheck:logcheck /etc/logcheck /var/lock/logcheck /var/lib/logcheck || true
    chmod 750 /etc/logcheck
    chmod 755 /var/lock/logcheck
}


# arg 1:  the new package version
# arg 2:  the old package version
post_upgrade() {
    post_install $1
    usermod -G log logcheck
}

# arg 1:  the old package version
pre_remove() {
    userdel logcheck &> /dev/null
    groupdel logcheck &> /dev/null
    
    rmdir --ignore-fail-on-non-empty /etc/logcheck/cracking.ignore.d
    rmdir --ignore-fail-on-non-empty /var/lib/logcheck /var/lock/logcheck
}

op=$1
shift

$op $*

awagner

Member

From: Mainz, Germany

Registered: 2007-08-24

Posts: 191

Re: [NEW] logcheck

bump...

and I've noticed that while mailx is a dependency, the mailx from core doesn't work because it a) needs to offer a 'nail' binary that b) accepts -a attachments. mailx-heirloom does. (see the mailx vs. mailx thread in Arch discussions)

awagner

Member

From: Mainz, Germany

Registered: 2007-08-24

Posts: 191

Re: [NEW] logcheck

debianutils is now on AUR...