On Monday 14 March 2005 13:29, maximilian attems wrote:
> please do as root:
> su -s /bin/bash -c "/usr/sbin/logcheck -t -d" logcheck 2> errors
> and send in the errors file.

Here it is

--
Slaanesh

D: [1110843864] Turning debug mode on
D: [1110843864] Sourcing - /etc/logcheck/logcheck.conf
D: [1110843864] Setting LOGTAIL_OPTS to -t
D: [1110843864] Finished getopts c:dhH:l:L:m:opr:RsS:tTuvw
D: [1110843864] Trying to get lockfile: /var/lock/logcheck.lock
D: [1110843864] Running lockfile-touch /var/lock/logcheck.lock
D: [1110843864] cleanrules: /etc/logcheck/cracking.d/logcheck
D: [1110843864] cleanrules: /etc/logcheck/violations.d/logcheck
D: [1110843864] cleanrules: /etc/logcheck/violations.d/su
D: [1110843864] cleanrules: /etc/logcheck/violations.d/sudo
D: [1110843864] cleanrules: /etc/logcheck/violations.ignore.d/hotplug
D: [1110843864] cleanrules: /etc/logcheck/violations.ignore.d/innd
D: [1110843864] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-bind
D: [1110843864] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-courier
D: [1110843864] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-cyrus
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-hylafax
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-innd
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-nagios
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-openvpn
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-postfix
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-pureftp
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-samba
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sendmail
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sendmail_tmp
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-spamd
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-squid
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-su
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-sudo
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-usb
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/logcheck-winbind
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/spamassassin
D: [1110843865] cleanrules: /etc/logcheck/violations.ignore.d/su
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/amavisd-new
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/anon-proxy
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/apache
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/arpwatch
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/automount
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/bind
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/clamav-daemon
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/clamav-freshclam
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/courier
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/cpqarrayd
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/cron
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/cyrus
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/dhclient
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/dhcp
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/dictd
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/dnsmasq
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/dovecot
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/fetchmail
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/gnome-bin
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/gps
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/hddtemp
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/hylafax
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/imap
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/imapd-ssl
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/imapproxy
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/imp
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/innd
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/ipppd
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/isdnlog
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/isdnutils
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/jabberd
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/logcheck
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/nagios
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/nfs
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/nntpcache
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/nscd
D: [1110843865] cleanrules: /etc/logcheck/ignore.d.server/ntp
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/ntpdate
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/oidentd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/openvpn
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/pdns
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/perdition
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/pop3d-ssl
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/postfix
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/ppp
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/pptpd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/proftpd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/pure-ftpd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/qmail
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/rbldnsd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/rpc_statd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/rsnapshot
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/rsync
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/samba
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/saslauthd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/scponly
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/slapd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/smartd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/smokeping
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/snmpd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/spamd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/squid
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/ssh
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/stunnel
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/syslogd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/thy
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/ucd-snmp
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/uptimed
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.server/userv
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/bind
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/clamav-daemon
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/cron
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/imap
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/logcheck
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/postfix
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/ppp
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/proftpd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/qpopper
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/spamassassin
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/squid
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/ssh
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/stunnel
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/sysklogd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/telnetd
D: [1110843866] cleanrules: /etc/logcheck/ignore.d.paranoid/tripwire
D: [1110843866] logoutput called with file: /var/log/syslog
D: [1110843866] Running logtail: /var/log/syslog
D: [1110843866] logoutput called with file: /var/log/auth.log
D: [1110843866] Running logtail: /var/log/auth.log
D: [1110843866] Sorting logs
D: [1110843866] Setting the Intro
D: [1110843866] Checking for security alerts
D: [1110843866] greplogoutput: logcheck
D: [1110843867] greplogoutput: returning 1
D: [1110843867] Checking for security events
D: [1110843867] greplogoutput: logcheck
D: [1110843867] greplogoutput: su
D: [1110843867] greplogoutput: Entries in checked
D: [1110843867] cleanchecked - file: /tmp/logcheck.h3PXt8/violations-ignore/su
D: [1110843867] cleanchecked - file: /tmp/logcheck.h3PXt8/violations-ignore/logcheck-su
D: [1110843867] greplogoutput: sudo
D: [1110843867] greplogoutput: returning 1
D: [1110843867] Checking for system events
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/amavisd-new
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/anon-proxy
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/apache
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/arpwatch
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/automount
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/bind
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/clamav-daemon
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/clamav-freshclam
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/courier
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/cpqarrayd
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/cron
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/cyrus
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/dhclient
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/dhcp
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/dictd
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/dnsmasq
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/dovecot
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/fetchmail
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/gnome-bin
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/gps
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/hddtemp
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/hylafax
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/imap
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/imapd-ssl
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/imapproxy
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/imp
D: [1110843867] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/innd
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/ipppd
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/isdnlog
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/isdnutils
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/jabberd
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/logcheck
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/nagios
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/nfs
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/nntpcache
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/nscd
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/ntp
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/ntpdate
grep: Expression régulière invalide
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/oidentd
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/openvpn
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/pdns
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/perdition
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/pop3d-ssl
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/postfix
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/ppp
D: [1110843868] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/pptpd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/proftpd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/pure-ftpd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/qmail
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/qpopper
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/rbldnsd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/rpc_statd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/rsnapshot
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/rsync
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/samba
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/saslauthd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/scponly
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/slapd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/smartd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/smokeping
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/snmpd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/spamassassin
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/spamd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/squid
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/ssh
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/stunnel
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/sysklogd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/syslogd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/telnetd
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/thy
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/tripwire
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/ucd-snmp
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/uptimed
D: [1110843869] cleanchecked - dir - /tmp/logcheck.h3PXt8/ignore/userv
D: [1110843869] Setting the footer text
D: [1110843869] cleanup: Killing lockfile-touch - 6652
D: [1110843869] cleanup: Removing lockfile: /var/lock/logcheck.lock
D: [1110843869] Cleanup: Removing - /tmp/logcheck.h3PXt8