1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
--- src/logcheck.orig 2010-07-07 15:59:57.000000000 -0400
+++ src/logcheck 2010-07-07 16:19:33.000000000 -0400
@@ -24,17 +24,10 @@
if [ `id -u` = 0 ]; then
echo "logcheck should not be run as root. Use su to invoke logcheck:"
- echo "su -s /bin/bash -c \"/usr/sbin/logcheck${@:+ $@}\" logcheck"
+ echo "su -m %%LOGCHECK_USER%% -c \"%%LOCALBASE%%/bin/bash %%PREFIX%%/sbin/logcheck${@:+ $@}\""
echo "Or use sudo: sudo -u logcheck logcheck${@:+ $@}."
# you may want to uncomment that hack to let logcheck invoke itself.
- # su -s /bin/bash -c "$0 $*" logcheck
- exit 1
-fi
-
-if [ ! -f /usr/bin/lockfile-create -o \
- ! -f /usr/bin/lockfile-remove -o \
- ! -f /usr/bin/lockfile-touch ]; then
- echo "fatal: lockfile-progs is a prerequisite for logcheck, and was not found."
+ # su -s %%LOCALBASE%%/bin/bash -c "$0 $*" logcheck
exit 1
fi
@@ -69,12 +62,12 @@
ADDTAG="no"
# Set the default paths
-RULEDIR="/etc/logcheck"
-CONFFILE="/etc/logcheck/logcheck.conf"
-STATEDIR="/var/lib/logcheck"
-LOGFILES_LIST="/etc/logcheck/logcheck.logfiles"
-LOGFILE_FALLBACK="/var/log/syslog"
-LOGTAIL="/usr/sbin/logtail2"
+RULEDIR="%%ETCDIR%%"
+CONFFILE="%%ETCDIR%%/logcheck.conf"
+STATEDIR="/var/db/logcheck"
+LOGFILES_LIST="%%ETCDIR%%/logcheck.logfiles"
+LOGFILE_FALLBACK="/var/log/messages"
+LOGTAIL="%%PREFIX%%/sbin/logtail2"
CAT="/bin/cat"
SYSLOG_SUMMARY="/usr/bin/syslog-summary"
@@ -89,20 +82,15 @@
SORTUNIQ=0
SUPPORT_CRACKING_IGNORE=0
SYSLOGSUMMARY=0
-LOCKDIR=/run/lock/logcheck
+LOCKDIR=/var/run/logcheck
LOCKFILE="$LOCKDIR/logcheck"
# Carry out the clean up tasks
cleanup() {
- if [ -n "$LOCK" ]; then
- debug "cleanup: Killing lockfile-touch - $LOCK"
- kill "$LOCK" && unset LOCK
- fi
-
- if [ -f "$LOCKFILE.lock" ]; then
- debug "cleanup: Removing lockfile: $LOCKFILE.lock"
- lockfile-remove "$LOCKFILE"
+ if [ -f "$LOCKFILE" ]; then
+ debug "cleanup: Removing lockfile: $LOCKFILE"
+ rm -f "$LOCKFILE"
fi
if [ -d "$TMPDIR" ]; then
@@ -144,14 +132,9 @@
if [ "$2" = "noclean" ]; then
debug "error: Not removing lockfile"
else
- if [ -n "$LOCK" ]; then
- debug "error: Killing lockfile-touch - $LOCK"
- kill "$LOCK" && unset LOCK
- fi
-
- if [ -f "$LOCKFILE.lock" ]; then
- debug "error: Removing lockfile: $LOCKFILE.lock"
- lockfile-remove "$LOCKFILE"
+ if [ -f "$LOCKFILE" ]; then
+ debug "error: Removing lockfile: $LOCKFILE"
+ rm -f "$LOCKFILE"
fi
fi
@@ -170,7 +153,7 @@
${TMPDIR:+Check temporary directory: $TMPDIR
}
Also verify that the logcheck user can read all files referenced in
-/etc/logcheck/logcheck.logfiles!
+%%ETCDIR%%/logcheck.logfiles!
$(export)
EOF
@@ -215,7 +198,7 @@
mkdir "$cleaned" \
|| error "Could not make dir $cleaned for cleaned rulefiles."
fi
- for rulefile in $(run-parts --list "$dir"); do
+ for rulefile in $(ls -1R "$dir"); do
rulefile="$(basename "$rulefile")"
if [ -f "${dir}/${rulefile}" ]; then
debug "cleanrules: ${dir}/${rulefile}"
@@ -529,9 +512,9 @@
# Hostname either fully qualified or not.
if [ "$FQDN" -eq 1 ]; then
- HOSTNAME="$(hostname --fqdn 2>/dev/null)"
+ HOSTNAME="$(hostname -f 2>/dev/null)"
else
- HOSTNAME="$(hostname --short 2>/dev/null)"
+ HOSTNAME="$(hostname -s 2>/dev/null)"
fi
# Now check for the other options
@@ -610,30 +593,25 @@
trap 'cleanup' 0
-debug "Trying to get lockfile: $LOCKFILE.lock"
+debug "Trying to get lockfile: $LOCKFILE"
if [ ! -d "$LOCKDIR" ]; then
mkdir -m 0755 "$LOCKDIR"
fi
-lockfile-create --retry 1 "$LOCKFILE" > /dev/null 2>&1
+lockfile -r 1 "$LOCKFILE" > /dev/null 2>&1
if [ $? -eq 1 ]; then
trap 0
- if [ -e "${LOCKFILE}.lock" ]; then
+ if [ -e "${LOCKFILE}" ]; then
error "Another logcheck process is still running" "noclean"
else
- error "Failed to get lockfile: $LOCKFILE.lock" "noclean"
+ error "Failed to get lockfile: $LOCKFILE" "noclean"
fi
-
-else
- debug "Running lockfile-touch $LOCKFILE.lock"
- lockfile-touch "$LOCKFILE" &
- LOCK="$!"
fi
# Create the secure temporary directory or exit
-TMPDIR="$(mktemp -d -p "${TMP:-/tmp}" logcheck.XXXXXX)" \
- || TMPDIR="$(mktemp -d -p /var/tmp logcheck.XXXXXX)" \
+TMPDIR="$(mktemp -d ${TMP:-/tmp}/logcheck.XXXXXX)" \
+ || TMPDIR="$(mktemp -d /var/tmp/logcheck.XXXXXX)" \
|| error "Could not create temporary directory"
# Now clean the rulefiles in the directories
|
