Package: logcheck-database
Version: 1.3.7
Severity: minor
Tags: patch

The /etc/logcheck/ignore.d.server/schroot fails to detect the "session opened"
messages that are IMHO completely normal. The attached patch solves this.

Cheers, 

OdyX

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

-- no debconf information
--- schroot.old 2010-04-22 15:23:56.000000000 +0200
+++ schroot     2010-04-22 15:24:14.000000000 +0200
@@ -1,4 +1,4 @@
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ schroot\[[[:digit:]]+\]: \(pam_unix\) 
session opened for user [-_.[:alnum:]]+ by 
([-_.[:alnum:]]+)?\(uid=[[:digit:]]+\)$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ schroot\[[[:digit:]]+\]: 
pam_unix\(schroot:session\) session opened for user [-_.[:alnum:]]+ by 
([-_.[:alnum:]]+)?\(uid=[[:digit:]]+\)$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ schroot\[[[:digit:]]+\]: 
pam_unix\(schroot:session\):? session opened for user [-_.[:alnum:]]+ by 
([-_.[:alnum:]]+)?\(uid=[[:digit:]]+\)$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ schroot\[[[:digit:]]+\]: 
\[[-._[:alnum:]]+ chroot\] \([-_.[:alnum:]]+->[-_.[:alnum:]]+\) Running login 
shell: '[-._/[:alnum:]]+'$
 ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ schroot\[[[:digit:]]+\]: 
\[[-._[:alnum:]]+ chroot\] \([-_.[:alnum:]]+->[-_.[:alnum:]]+\) Running 
command: ".+"$

Reply via email to