- Updated to 1.3.10

PR:		ports/146537
Submitted by:	Takefu <takefu at airport dot fm>
Feature safe:	yes

security/logcheck/Makefile

@@ -6,8 +6,7 @@
 #
 
 PORTNAME=	logcheck
-PORTVERSION=	1.2.69
-PORTREVISION=	2
+PORTVERSION=	1.3.10
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_DEBIAN_POOL}
 DISTNAME=	${PORTNAME}_${PORTVERSION}
@@ -15,7 +14,8 @@ DISTNAME=	${PORTNAME}_${PORTVERSION}
 MAINTAINER=	glarkin@FreeBSD.org
 COMMENT=	Auditing tool for system logs on Unix boxes
 
-RUN_DEPENDS=	lockfile:${PORTSDIR}/mail/procmail \
+RUN_DEPENDS=	mime-construct:${PORTSDIR}/mail/mime-construct \
+		lockfile:${PORTSDIR}/mail/procmail \
 		bash:${PORTSDIR}/shells/bash
 
 PORTSCOUT=	limit:^1\.2\.
@@ -28,7 +28,7 @@ LOGCHECK_GID=	${LOGCHECK_UID}
 # Enable Perl dependency for logtail script
 USE_PERL5=	5.8.0+
 
-WRKSRC=		${WRKDIR}/${PORTNAME}-${PORTVERSION}
+WRKSRC=		${WRKDIR}/${PORTNAME}
 BINMODE=	755
 SHAREMODE=	640
 SUB_LIST+=	LOGCHECK_USER=${LOGCHECK_USER} \

security/logcheck/distinfo

@@ -1,3 +1,3 @@
-MD5 (logcheck_1.2.69.tar.gz) = 7d1671e762d3b99fb1832e0c01edf9fe
-SHA256 (logcheck_1.2.69.tar.gz) = c1c8438f098d09554a857c68db09f4076b7a868818fb9e5d158a802127176ecf
-SIZE (logcheck_1.2.69.tar.gz) = 145023
+MD5 (logcheck_1.3.10.tar.gz) = 71b4cf145b94e6bf796d77de3589ae79
+SHA256 (logcheck_1.3.10.tar.gz) = b150f15c42b51266efeecd91195d5d3b55be684bea86f851022d0380c32dd2ba
+SIZE (logcheck_1.3.10.tar.gz) = 155708

security/logcheck/files/extra-patch-etc__logcheck.conf.in

@@ -1,6 +1,6 @@
---- ./etc/logcheck.conf.orig	2006-10-29 02:55:02.000000000 -0500
-+++ ./etc/logcheck.conf	2008-09-06 19:11:28.000000000 -0400
-@@ -47,12 +47,7 @@
+--- etc/logcheck.conf.orig	2010-04-15 01:15:34.000000000 +0900
++++ etc/logcheck.conf	2010-05-12 14:22:13.000000000 +0900
+@@ -53,13 +53,7 @@
  # Controls the base directory for rules file location
  # This must be an absolute path
  
@@ -8,6 +8,7 @@
 -
 -# Controls if syslog-summary is run over each section.
 -# Alternatively, set to "1" to enable extra summary.
+-# HINT: syslog-summary needs to be installed.
 -
 -#SYSLOGSUMMARY=0
 +#RULEDIR="%%ETCDIR%%"

security/logcheck/files/extra-patch-src__logcheck.in

@@ -1,17 +1,17 @@
---- src/logcheck.orig	2007-01-16 01:13:27.000000000 -0500
-+++ src/logcheck	2009-12-17 19:33:34.000000000 -0500
+--- src/logcheck.orig	2010-07-07 15:59:57.000000000 -0400
++++ src/logcheck	2010-07-07 16:19:33.000000000 -0400
 @@ -1,4 +1,4 @@
 -#!/bin/bash
 +#!%%LOCALBASE%%/bin/bash
  #
- # Copyright (C) 2004-2006 Debian Logcheck Team 
+ # Copyright (C) 2004-2010 Debian Logcheck Team
  #                         <logcheck-devel@alioth.lists.debian.org>
-@@ -26,17 +26,10 @@
+@@ -24,17 +24,10 @@
  
- if [ $UID == 0 ]; then
+ if [ `id -u` = 0 ]; then
      echo "logcheck should not be run as root. Use su to invoke logcheck:"
 -    echo "su -s /bin/bash -c \"/usr/sbin/logcheck${@:+ $@}\" logcheck"
-+    echo "su -m logcheck -c \"%%LOCALBASE%%/bin/bash %%PREFIX%%/sbin/logcheck${@:+ $@}\""
++    echo "su -m %%LOGCHECK_USER%% -c \"%%LOCALBASE%%/bin/bash %%PREFIX%%/sbin/logcheck${@:+ $@}\""
      echo "Or use sudo: sudo -u logcheck logcheck${@:+ $@}."
      # you may want to uncomment that hack to let logcheck invoke itself.
 -    # su -s /bin/bash -c "$0 $*" logcheck
@@ -26,7 +26,16 @@
      exit 1
  fi
  
-@@ -68,12 +61,12 @@
+@@ -51,7 +44,7 @@
+ 
+ # Get the details for the email message
+ DATE="$(date +'%Y-%m-%d %H:%M')"
+-VERSION="1.3.7"
++VERSION="1.3.10"
+ 
+ # Set the default report level
+ REPORTLEVEL="server"
+@@ -69,12 +62,12 @@
  ADDTAG="no"
  
  # Set the default paths
@@ -45,7 +54,7 @@
  CAT="/bin/cat"
  SYSLOG_SUMMARY="/usr/bin/syslog-summary"
  
-@@ -87,26 +80,21 @@
+@@ -89,20 +82,15 @@
  SORTUNIQ=0
  SUPPORT_CRACKING_IGNORE=0
  SYSLOGSUMMARY=0
@@ -58,44 +67,37 @@
  
 -    if [ -n "$LOCK" ]; then
 -        debug "cleanup: Killing lockfile-touch - $LOCK"
--	kill $LOCK && unset LOCK
+-	kill "$LOCK" && unset LOCK
 -    fi
 -
 -    if [ -f "$LOCKFILE.lock" ]; then
 -        debug "cleanup: Removing lockfile: $LOCKFILE.lock"
--	lockfile-remove $LOCKFILE
+-	lockfile-remove "$LOCKFILE"
 +    if [ -f "$LOCKFILE" ]; then
 +        debug "cleanup: Removing lockfile: $LOCKFILE"
-+	rm -f $LOCKFILE
++	rm -f "$LOCKFILE"
      fi
  
-     if [ -d $TMPDIR ]; then
-         # Remove the tmp directory
-         if [ $NOCLEANUP -eq 0 ];then 
--    	    cd /var/lib/logcheck
-+    	    cd /var/db/logcheck
-     	    debug "cleanup: Removing - $TMPDIR" 
-     	    rm -r $TMPDIR
-         else
-@@ -142,14 +130,9 @@
+     if [ -d "$TMPDIR" ]; then
+@@ -144,14 +132,9 @@
      if [ "$2" = "noclean" ]; then
  	debug "error: Not removing lockfile"
      else
 -        if [ -n "$LOCK" ]; then
 -	    debug "error: Killing lockfile-touch - $LOCK"
--	    kill $LOCK && unset LOCK
+-	    kill "$LOCK" && unset LOCK
 -	fi
 -
 -       if [ -f "$LOCKFILE.lock" ]; then
 -           debug "error: Removing lockfile: $LOCKFILE.lock"
--           lockfile-remove $LOCKFILE
+-           lockfile-remove "$LOCKFILE"
 +       if [ -f "$LOCKFILE" ]; then
 +           debug "error: Removing lockfile: $LOCKFILE"
-+           rm -f $LOCKFILE
++           rm -f "$LOCKFILE"
         fi
- 	
+ 
      fi
-@@ -168,7 +151,7 @@
+@@ -170,7 +153,7 @@
  ${TMPDIR:+Check temporary directory: $TMPDIR
  }
  Also verify that the logcheck user can read all files referenced in
@@ -104,78 +106,61 @@
  
  $(export)
  EOF
-@@ -185,8 +168,8 @@
- 
- # Add an identification line at the beginning of the sent mail
- setintro() {
--    if [ -f /etc/logcheck/header.txt -a -r /etc/logcheck/header.txt ] ; then
--       $CAT /etc/logcheck/header.txt >> $TMPDIR/report \
-+    if [ -f %%ETCDIR%%/header.txt -a -r %%ETCDIR%%/header.txt ] ; then
-+       $CAT %%ETCDIR%%/header.txt >> $TMPDIR/report \
-            || error "Could not append header to $TMPDIR/report."
-     fi
- }
-@@ -194,8 +177,8 @@
- 
- # Add a footer to the report.
- setfooter() {
--    if [ -f /etc/logcheck/footer.txt -a -r /etc/logcheck/footer.txt ] ; then
--       $CAT /etc/logcheck/footer.txt >> $TMPDIR/report \
-+    if [ -f %%ETCDIR%%/footer.txt -a -r %%ETCDIR%%/footer.txt ] ; then
-+       $CAT %%ETCDIR%%/footer.txt >> $TMPDIR/report \
-            || error "Could not append footer to $TMPDIR/report."
-     fi
- }
-@@ -212,8 +195,7 @@
- 	    mkdir $cleaned \
+@@ -215,7 +198,7 @@
+ 	    mkdir "$cleaned" \
  	        || error "Could not make dir $cleaned for cleaned rulefiles."
  	fi
--	for rulefile in $(run-parts --list $dir); do
--	    rulefile=$(basename $rulefile)
-+	for rulefile in $(ls -1R $dir); do
- 	    if [ -f ${dir}/${rulefile} ]; then
+-	for rulefile in $(run-parts --list "$dir"); do
++	for rulefile in $(ls -1R "$dir"); do
+ 	    rulefile="$(basename "$rulefile")"
+ 	    if [ -f "${dir}/${rulefile}" ]; then
  		debug "cleanrules: ${dir}/${rulefile}"
- 		if [ -r ${dir}/${rulefile} ]; then
-@@ -544,9 +526,9 @@
+@@ -529,9 +512,9 @@
  
  # Hostname either fully qualified or not.
- if [ $FQDN -eq 1 ]; then
--        HOSTNAME="$(hostname --fqdn)" > /dev/null 2>&1
-+        HOSTNAME="$(hostname -f)" > /dev/null 2>&1
+ if [ "$FQDN" -eq 1 ]; then
+-        HOSTNAME="$(hostname --fqdn 2>/dev/null)"
++        HOSTNAME="$(hostname -f 2>/dev/null)"
  else
--        HOSTNAME="$(hostname --short)" > /dev/null 2>&1
-+        HOSTNAME="$(hostname -s)" > /dev/null 2>&1
+-        HOSTNAME="$(hostname --short 2>/dev/null)"
++        HOSTNAME="$(hostname -s 2>/dev/null)"
  fi
- 		
+ 
  # Now check for the other options
-@@ -625,25 +607,21 @@
+@@ -610,30 +593,25 @@
  
  trap 'cleanup' 0
  
 -debug "Trying to get lockfile: $LOCKFILE.lock"
 +debug "Trying to get lockfile: $LOCKFILE"
- if [ ! -d $LOCKDIR ]; then 
- 	mkdir -m 0755 $LOCKDIR
+ if [ ! -d "$LOCKDIR" ]; then
+ 	mkdir -m 0755 "$LOCKDIR"
  fi
--lockfile-create --retry 1 $LOCKFILE > /dev/null 2>&1
-+lockfile -r 1 $LOCKFILE > /dev/null 2>&1
+-lockfile-create --retry 1 "$LOCKFILE" > /dev/null 2>&1
++lockfile -r 1 "$LOCKFILE" > /dev/null 2>&1
  
  
- if [ $? -eq 1 ]; then 
+ if [ $? -eq 1 ]; then
      trap 0
--    error "Failed to get lockfile: $LOCKFILE.lock" "noclean"
--else 
+-    if [ -e "${LOCKFILE}.lock" ]; then
++    if [ -e "${LOCKFILE}" ]; then
+         error "Another logcheck process is still running" "noclean"
+     else
+-        error "Failed to get lockfile: $LOCKFILE.lock" "noclean"
++        error "Failed to get lockfile: $LOCKFILE" "noclean"
+     fi
+-
+-else
 -    debug "Running lockfile-touch $LOCKFILE.lock"
--    lockfile-touch $LOCKFILE &
+-    lockfile-touch "$LOCKFILE" &
 -    LOCK="$!"
-+    error "Failed to get lockfile: $LOCKFILE" "noclean"
  fi
  
  # Create the secure temporary directory or exit
--TMPDIR=$(mktemp -d -p ${TMP:-/tmp} logcheck.XXXXXX) \
--    || TMPDIR=$(mktemp -d -p /var/tmp logcheck.XXXXXX) \
-+TMPDIR=$(mktemp -d /tmp/logcheck.XXXXXX) \
-+    || TMPDIR=$(mktemp -d /var/tmp/logcheck.XXXXXX) \
+-TMPDIR="$(mktemp -d -p "${TMP:-/tmp}" logcheck.XXXXXX)" \
+-    || TMPDIR="$(mktemp -d -p /var/tmp logcheck.XXXXXX)" \
++TMPDIR="$(mktemp -d ${TMP:-/tmp}/logcheck.XXXXXX)" \
++    || TMPDIR="$(mktemp -d /var/tmp/logcheck.XXXXXX)" \
      || error "Could not create temporary directory"
  
  # Now clean the rulefiles in the directories

security/logcheck/pkg-plist

@@ -1,11 +1,16 @@
-%%ETCDIR%%/cracking.d/logcheck
+%%ETCDIR%%/cracking.d/kernel
+%%ETCDIR%%/cracking.d/rlogind
+%%ETCDIR%%/cracking.d/rsh
 %%ETCDIR%%/cracking.d/smartd
+%%ETCDIR%%/cracking.d/tftpd
+%%ETCDIR%%/cracking.d/uucico
 %%ETCDIR%%/ignore.d.paranoid/bind
 %%ETCDIR%%/ignore.d.paranoid/cron
 %%ETCDIR%%/ignore.d.paranoid/incron
 %%ETCDIR%%/ignore.d.paranoid/logcheck
 %%ETCDIR%%/ignore.d.paranoid/postfix
 %%ETCDIR%%/ignore.d.paranoid/ppp
+%%ETCDIR%%/ignore.d.paranoid/pureftp
 %%ETCDIR%%/ignore.d.paranoid/qpopper
 %%ETCDIR%%/ignore.d.paranoid/squid
 %%ETCDIR%%/ignore.d.paranoid/ssh
@@ -13,12 +18,15 @@
 %%ETCDIR%%/ignore.d.paranoid/sysklogd
 %%ETCDIR%%/ignore.d.paranoid/telnetd
 %%ETCDIR%%/ignore.d.paranoid/tripwire
+%%ETCDIR%%/ignore.d.paranoid/usb
 %%ETCDIR%%/ignore.d.server/acpid
 %%ETCDIR%%/ignore.d.server/amandad
 %%ETCDIR%%/ignore.d.server/anacron
 %%ETCDIR%%/ignore.d.server/anon-proxy
 %%ETCDIR%%/ignore.d.server/apache
+%%ETCDIR%%/ignore.d.server/apcupsd
 %%ETCDIR%%/ignore.d.server/arpwatch
+%%ETCDIR%%/ignore.d.server/asterisk
 %%ETCDIR%%/ignore.d.server/automount
 %%ETCDIR%%/ignore.d.server/bind
 %%ETCDIR%%/ignore.d.server/bluez-utils
@@ -44,7 +52,9 @@
 %%ETCDIR%%/ignore.d.server/dspam
 %%ETCDIR%%/ignore.d.server/epmd
 %%ETCDIR%%/ignore.d.server/exim4
+%%ETCDIR%%/ignore.d.server/fcron
 %%ETCDIR%%/ignore.d.server/ftpd
+%%ETCDIR%%/ignore.d.server/git-daemon
 %%ETCDIR%%/ignore.d.server/gnu-imap4d
 %%ETCDIR%%/ignore.d.server/gps
 %%ETCDIR%%/ignore.d.server/grinch
@@ -62,22 +72,25 @@
 %%ETCDIR%%/ignore.d.server/isdnutils
 %%ETCDIR%%/ignore.d.server/jabberd
 %%ETCDIR%%/ignore.d.server/kernel
+%%ETCDIR%%/ignore.d.server/klogind
 %%ETCDIR%%/ignore.d.server/krb5-kdc
 %%ETCDIR%%/ignore.d.server/libpam-mount
 %%ETCDIR%%/ignore.d.server/logcheck
-%%ETCDIR%%/ignore.d.server/lpr
+%%ETCDIR%%/ignore.d.server/login
 %%ETCDIR%%/ignore.d.server/maradns
 %%ETCDIR%%/ignore.d.server/mldonkey-server
 %%ETCDIR%%/ignore.d.server/mon
+%%ETCDIR%%/ignore.d.server/mountd
 %%ETCDIR%%/ignore.d.server/nagios
 %%ETCDIR%%/ignore.d.server/netconsole
 %%ETCDIR%%/ignore.d.server/nfs
 %%ETCDIR%%/ignore.d.server/nntpcache
 %%ETCDIR%%/ignore.d.server/nscd
-%%ETCDIR%%/ignore.d.server/ntp
-%%ETCDIR%%/ignore.d.server/oidentd
+%%ETCDIR%%/ignore.d.server/nslcd
+@comment %%ETCDIR%%/ignore.d.server/ntop
 %%ETCDIR%%/ignore.d.server/openvpn
 %%ETCDIR%%/ignore.d.server/otrs
+%%ETCDIR%%/ignore.d.server/passwd
 %%ETCDIR%%/ignore.d.server/pdns
 %%ETCDIR%%/ignore.d.server/perdition
 %%ETCDIR%%/ignore.d.server/policyd
@@ -90,6 +103,7 @@
 %%ETCDIR%%/ignore.d.server/proftpd
 %%ETCDIR%%/ignore.d.server/puppetd
 %%ETCDIR%%/ignore.d.server/pure-ftpd
+%%ETCDIR%%/ignore.d.server/pureftp
 %%ETCDIR%%/ignore.d.server/qpopper
 %%ETCDIR%%/ignore.d.server/rbldnsd
 %%ETCDIR%%/ignore.d.server/rpc_statd
@@ -113,6 +127,8 @@
 %%ETCDIR%%/ignore.d.server/squid
 %%ETCDIR%%/ignore.d.server/ssh
 %%ETCDIR%%/ignore.d.server/stunnel
+%%ETCDIR%%/ignore.d.server/su
+%%ETCDIR%%/ignore.d.server/sudo
 %%ETCDIR%%/ignore.d.server/sympa
 %%ETCDIR%%/ignore.d.server/syslogd
 %%ETCDIR%%/ignore.d.server/teapop
@@ -130,9 +146,10 @@
 %%ETCDIR%%/ignore.d.server/xinetd
 %%ETCDIR%%/ignore.d.workstation/automount
 %%ETCDIR%%/ignore.d.workstation/bind
-%%ETCDIR%%/ignore.d.workstation/bluez-utils
 %%ETCDIR%%/ignore.d.workstation/bluetooth-alsa
+%%ETCDIR%%/ignore.d.workstation/bluez-utils
 %%ETCDIR%%/ignore.d.workstation/bonobo
+%%ETCDIR%%/ignore.d.workstation/dhcpcd
 %%ETCDIR%%/ignore.d.workstation/francine
 %%ETCDIR%%/ignore.d.workstation/gconf
 %%ETCDIR%%/ignore.d.workstation/gdm
@@ -142,7 +159,10 @@
 %%ETCDIR%%/ignore.d.workstation/ippl
 %%ETCDIR%%/ignore.d.workstation/kdm
 %%ETCDIR%%/ignore.d.workstation/kernel
+%%ETCDIR%%/ignore.d.workstation/laptop-mode-tools
+%%ETCDIR%%/ignore.d.workstation/libpam-gnome-keyring
 %%ETCDIR%%/ignore.d.workstation/logcheck
+%%ETCDIR%%/ignore.d.workstation/login
 %%ETCDIR%%/ignore.d.workstation/net-acct
 %%ETCDIR%%/ignore.d.workstation/nntpcache
 %%ETCDIR%%/ignore.d.workstation/polypaudio
@@ -155,46 +175,19 @@
 %%ETCDIR%%/ignore.d.workstation/udev
 %%ETCDIR%%/ignore.d.workstation/wdm
 %%ETCDIR%%/ignore.d.workstation/winbind
+%%ETCDIR%%/ignore.d.workstation/wpasupplicant
 %%ETCDIR%%/ignore.d.workstation/xdm
 %%ETCDIR%%/ignore.d.workstation/xlockmore
-%%ETCDIR%%/logcheck.conf.sample
-%%ETCDIR%%/logcheck.logfiles.sample
+%%ETCDIR%%/ignore.d.workstation/xscreensaver
 %%ETCDIR%%/violations.d/kernel
 %%ETCDIR%%/violations.d/logcheck
 %%ETCDIR%%/violations.d/smartd
 %%ETCDIR%%/violations.d/su
 %%ETCDIR%%/violations.d/sudo
-%%ETCDIR%%/violations.ignore.d/logcheck-bind
-%%ETCDIR%%/violations.ignore.d/logcheck-bluez-utils
-%%ETCDIR%%/violations.ignore.d/logcheck-courier
-%%ETCDIR%%/violations.ignore.d/logcheck-cron-apt
-%%ETCDIR%%/violations.ignore.d/logcheck-cyrus
-%%ETCDIR%%/violations.ignore.d/logcheck-dcc
-%%ETCDIR%%/violations.ignore.d/logcheck-dovecot
-%%ETCDIR%%/violations.ignore.d/logcheck-hylafax
-%%ETCDIR%%/violations.ignore.d/logcheck-innd
-%%ETCDIR%%/violations.ignore.d/logcheck-kernel
-%%ETCDIR%%/violations.ignore.d/logcheck-login
-%%ETCDIR%%/violations.ignore.d/logcheck-mon
-%%ETCDIR%%/violations.ignore.d/logcheck-nagios
-%%ETCDIR%%/violations.ignore.d/logcheck-openvpn
-%%ETCDIR%%/violations.ignore.d/logcheck-passwd
-%%ETCDIR%%/violations.ignore.d/logcheck-pdns
-%%ETCDIR%%/violations.ignore.d/logcheck-postfix
-%%ETCDIR%%/violations.ignore.d/logcheck-proftpd
-%%ETCDIR%%/violations.ignore.d/logcheck-pureftp
-%%ETCDIR%%/violations.ignore.d/logcheck-samba
-%%ETCDIR%%/violations.ignore.d/logcheck-sasl2-bin
-%%ETCDIR%%/violations.ignore.d/logcheck-saslauthd
-%%ETCDIR%%/violations.ignore.d/logcheck-sendmail_tmp
-%%ETCDIR%%/violations.ignore.d/logcheck-smartd
-%%ETCDIR%%/violations.ignore.d/logcheck-spamd
-%%ETCDIR%%/violations.ignore.d/logcheck-squid
-%%ETCDIR%%/violations.ignore.d/logcheck-ssh
 %%ETCDIR%%/violations.ignore.d/logcheck-su
 %%ETCDIR%%/violations.ignore.d/logcheck-sudo
-%%ETCDIR%%/violations.ignore.d/logcheck-usb
-%%ETCDIR%%/violations.ignore.d/logcheck-winbind
+%%ETCDIR%%/logcheck.conf.sample
+%%ETCDIR%%/logcheck.logfiles.sample
 %%DATADIR%%/detectrotate/10-savelog.dtr
 %%DATADIR%%/detectrotate/20-logrotate.dtr
 %%DATADIR%%/detectrotate/30-logrotate-dateext.dtr