svn commit: r263661 - stable/10/etc/periodic/security

Sun, 23 Mar 2014 05:59:33 -0700 

Author: brueffer
Date: Sun Mar 23 12:58:48 2014
New Revision: 263661
URL: http://svnweb.freebsd.org/changeset/base/263661

Log:
  Further refine the auth fail regex to catch more auth failures and
  reduce false positives.
  
  The committed patch was provided by Christian Marg.
  
  PR:           91732
  Submitted by: Daniel O'Connor <doconnor at gsoft.com.au>
                Skye Poier <spoier at gmail.com>
                Alan Amesbury <amesbury at umn.edu>
                Christian Marg <marg at rz.tu-clausthal.de>

Modified:
  stable/10/etc/periodic/security/800.loginfail
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/etc/periodic/security/800.loginfail
==============================================================================
--- stable/10/etc/periodic/security/800.loginfail       Sun Mar 23 12:49:25 
2014        (r263660)
+++ stable/10/etc/periodic/security/800.loginfail       Sun Mar 23 12:58:48 
2014        (r263661)
@@ -64,7 +64,7 @@ if check_yesno_period security_status_lo
 then
        echo ""
        echo "${host} login failures:"
-       n=$(catmsgs | egrep -ia "^$yesterday.*: .*(fail|invalid|bad|illegal)" |
+       n=$(catmsgs | egrep -ia "^$yesterday.*: 
.*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
            tee /dev/stderr | wc -l)
        [ $n -gt 0 ] && rc=1 || rc=0
 fi
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to