2700 – logsentry-1.1.1 (New Package)

Bug 2700 - logsentry-1.1.1 (New Package)

Summary: logsentry-1.1.1 (New Package)

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	x86 Linux

Importance:	High enhancement (vote)
Assignee:	George Shapovalov (RETIRED)

URL:	http://www.gentoo.it
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2002-05-13 11:11 UTC by Enrico Morelli
Modified:	2003-02-04 19:42 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
logsentry-1.1.1.ebuild (logsentry.tgz,1.07 KB, text/plain) 2002-05-13 11:13 UTC, Enrico Morelli	Details
modified ebuild (logsentry-1.1.1.ebuild,1.86 KB, text/plain) 2002-06-21 21:15 UTC, George Shapovalov (RETIRED)	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Enrico Morelli 2002-05-13 11:11:03 UTC

Please find attached logsentry.tgz containing logsentry-1.1.1.ebuild

LogSentry (formerly Logcheck) automatically monitors your system logs and 
mails security violations to you on a periodic basis. It is based on a 
program 
that ships with the TIS Gauntlet firewall but has been improved upon 
in many ways to make it work nicely for normal system auditing.
Features:
LogSentry helps in processing UNIX system logfiles generated by:
Psionic's PortSentry
Psionic's HostSentry
system daemons
Wietse Venema's 
              TCP Wrapper and Log Daemon packages
Firewall Toolkit

Comment 1 Enrico Morelli 2002-05-13 11:11:03 UTC

Please find attached logsentry.tgz containing logsentry-1.1.1.ebuild

LogSentry (formerly Logcheck) automatically monitors your system logs and 
mails security violations to you on a periodic basis. It is based on a 
program 
that ships with the TIS Gauntlet firewall but has been improved upon 
in many ways to make it work nicely for normal system auditing.
Features:
LogSentry helps in processing UNIX system logfiles generated by:
Psionic's PortSentry
Psionic's HostSentry
system daemons
Wietse Venema's 
              TCP Wrapper and Log Daemon packages
Firewall Toolkit® 
              by Trusted Information Systems® Inc.(TIS).

I suggest to enter it into net-misc/logsentry

Comment 2 Enrico Morelli 2002-05-13 11:13:38 UTC

Created attachment 972 [details]
logsentry-1.1.1.ebuild

Comment 3 George Shapovalov (RETIRED) gentoo-dev

2002-06-21 21:13:58 UTC

Hi Enrico

Thanks for a submission!
I am working on the ebuild now and I have a few issues with it:

1. I see that logcheck.sh gets istalled into /etc/logcheck. However from what I
was able to gain from the docs I can see that it is this script which is getting
called, while logtail is an auxiliary program called by this script. Shouldn't
logcheck.sh go then into /usr/bin? Besides according to FHS /ets is to be used
for config stuff only:
"/etc contains configuration files and directories that are specific to the
current system"

2. files/ dir contains logcheck.cron.daily, however it does not get installed
anywhere by the ebuild. This is a simple administrative issue, however if you
include this file you should not just leave it in the portage tree - user has no
chance of noticing its existance.
Could you please modify the ebuild to either install this file with the other
config files (with the due note output by pkg_postinst() or mentioned somewhere
in the docs) or to remove this file with or without mentioning that sysadmin
should setup his crontabs accordingly.

I am including the updated ebuild (proper header - Author line is supposed to go
into Changelog and added installation of docs).

George

Comment 4 George Shapovalov (RETIRED) gentoo-dev

2002-06-21 21:15:45 UTC

Created attachment 1680 [details]
modified ebuild

BTW, I think this package should go into app-admin, like analog does.

Comment 5 George Shapovalov (RETIRED) gentoo-dev

2002-10-28 19:48:53 UTC

Never got a reply, and this package was apparently already added.
Closing the bug.

George