Name: logcheck
Summary: Psionic LogCheck
Version: 1.1.2
Release: 1
Copyright: GPL
Group: System Environment/Daemons
URL: http://www.psionic.com/abacus/logcheck/
Source: http://www.psionic.com/tools/logcheck-%{version}.tar.gz
Source1: %{name}.cron
Patch: %{name}.patch
Patch1: %{name}-sh.patch
BuildRoot: %{_tmppath}/%{name}-buildroot

%description
Logcheck is a software package that is designed to automatically run
and check system log files for security violations and unusual
activity. Logcheck utilizes a program called logtail that remembers
the last position it read from in a log file and uses this position on
subsequent runs to process new information. All source code is
available for review and the implementation was kept simple to avoid
problems. This package is a clone of the frequentcheck.sh script from
the Trusted Information Systems Gauntlet(tm) firewall package. TIS has
granted permission for me to clone this package.

%prep
%setup -q
%patch -p1 -b .orig
%patch1 -p1 -b .orig2

%build

%install
rm -rf $RPM_BUILD_ROOT
export INSTALLDIR=$RPM_BUILD_ROOT%{_sysconfdir}/logcheck
export INSTALLDIR_BIN=$RPM_BUILD_ROOT%{_bindir}
export INSTALLDIR_SH=$RPM_BUILD_ROOT%{_bindir}
export TMPDIR=$RPM_BUILD_ROOT%{_localstatedir}/logcheck
export CFLAGS=$RPM_OPT_FLAGS

mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logcheck
mkdir -p $RPM_BUILD_ROOT%{_bindir}
mkdir -m700 -p $RPM_BUILD_ROOT%{_localstatedir}/logcheck

make linux

# install logcheck.conf
install -m600 systems/linux/logcheck.conf $RPM_BUILD_ROOT%{_sysconfdir}/logcheck

# rename files
pushd $RPM_BUILD_ROOT%{_sysconfdir}/logcheck
mv -f logcheck.hacking hacking
mv -f logcheck.violations violations
mv -f logcheck.violations.ignore violations.ignore
mv -f logcheck.ignore ignore
popd

mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/
install -m755 %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/cron.hourly/logcheck

%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root)
%doc CHANGES CREDITS INSTALL LICENSE README* systems/linux/README*
%config %{_sysconfdir}/cron.hourly/logcheck
%config(noreplace) %{_sysconfdir}/logcheck/logcheck.conf
%config(noreplace) %{_sysconfdir}/logcheck/hacking
%config(noreplace) %{_sysconfdir}/logcheck/violations
%config(noreplace) %{_sysconfdir}/logcheck/violations.ignore
%config(noreplace) %{_sysconfdir}/logcheck/ignore
%{_bindir}/logcheck.sh
%{_bindir}/logtail
%dir %{_localstatedir}/logcheck

%changelog
* Sun Oct 3 2004 Scott R. Shinn 1.1.2-1
- update to 1.1.2
- dar tweaks

* Fri Mar 9 2001 Tim Powers
- incorporated most of the ideas from the patch sent in in bug 31069,
  except moved the variables into logcheck.conf to keep things
  consistent.

* Thu Mar 8 2001 Tim Powers
- split out the configuration stuff from the shell script that is run
  into a config file (#31069)

* Mon Feb 5 2001 Tim Powers
- changed schedule to run back to hourly as per bug 25949 which makes
  more sense.

* Fri Jan 19 2001 Tim Powers
- maillog was erroneously changed to mail.log in logcheck.sh

* Thu Jan 4 2001 Tim Powers
- not building as noarch, has arch dependent binaries

* Fri Oct 6 2000 Tim Powers 1.1.1-5
- using Mandrake's package for Powertools. Thanks Mandrake :)
- build for noarch
- change group to be a valid Red Hat group
- added URL to the logcheck sources
- fixed URL to logcheck webpage
- removed redundant defines at top of spec file
- fix location of /tmp dir to be /var/logcheck. Don't want to use
  something everyone has access to.

* Mon Sep 18 2000 Vincent Danen 1.1.1-4mdk
- move logcheck script from running hourly to running daily

* Thu Aug 3 2000 Vincent Danen 1.1.1-3mdk
- macros
- fix path for config files
- change group
- add patch to fix configuration variables in logcheck.sh
- add script in cron.hourly

* Thu May 4 2000 Vincent Danen 1.1.1-2mdk
- fix group
- fix for spec-helper
- change prefix to /usr
- bzip patch

* Wed Dec 1 1999 Vincent Danen
- updated specfile for Mandrake contribs
- specfile cleanups
- bzip sources
- 1.1.1

* Tue Nov 9 1999 Vincent Danen
- updated spec file to clean up properly
- specfile adaptations

* Tue Sep 28 1999 Vincent Danen
- updated spec file

* Mon Sep 27 1999 Vincent Danen
- 1.1
- Mandrake adaptions