diff -up logwatch-7.3.6/scripts/services/pam_unix.pom logwatch-7.3.6/scripts/services/pam_unix
--- logwatch-7.3.6/scripts/services/pam_unix.pom 2006-12-20 16:46:45.000000000 +0100
+++ logwatch-7.3.6/scripts/services/pam_unix 2008-11-11 11:12:35.000000000 +0100
@@ -121,7 +121,8 @@ while ($line = <STDIN>) {
}
#lowercase the service
$service = lc($service);
- if (($service eq 'sshd') or ($service eq 'login') or ($service eq 'ftp') or ($service eq 'rsh')) {
+ if (($service eq 'sshd') or ($service eq 'login') or ($service eq 'ftp') or ($service eq 'rsh') or
+ ($service eq 'remote') or ($service eq 'rlogin')) {
if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ s/^session opened for user ([^ ]*) by ([^ ]*)\(uid=\d+\)/$1 by $2/) {
@@ -148,6 +149,8 @@ while ($line = <STDIN>) {
$data{$service}{'Expired Accounts'}{$line}++;
} elsif ($line =~ s/bad username \[(.*)\]/$1/) {
$data{$service}{'Invalid Users'}{"Bad User: $line"}++;
+ } elsif ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
@@ -178,12 +181,16 @@ while ($line = <STDIN>) {
} elsif ($service eq 'gdm') {
if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
+ } elsif ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
} elsif ($line =~ s/^authentication failure; logname=.*user=(.+)$/$1/) {
$data{$service}{'Authentication Failures'}{$line}++;
} elsif ($line =~ /session closed for user/) {
# ignore this line
} elsif ($line =~ /bad username \[\]/) {
# ignore this line
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
@@ -196,7 +203,7 @@ while ($line = <STDIN>) {
$data{$service}{'Authentication Failures'}{$line}++;
}
- } elsif ($service eq 'xdm') {
+ } elsif ($service eq 'xdm') {
if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ /session closed for user/) {
@@ -249,7 +256,7 @@ while ($line = <STDIN>) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ /session closed for user/) {
# ignore this line
- } elsif ($line =~ /^account root has password changed in future/) {
+ } elsif ($line =~ /account (.+) has password changed in future/) {
#I'm not sure whether this info could not be reported
} else {
$data{$service}{'Unknown Entries'}{$line}++;
@@ -270,7 +277,7 @@ while ($line = <STDIN>) {
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
- } elsif ($service eq 'runuser') {
+ } elsif (($service eq 'runuser') or ($service eq 'runuser-l')){
if ($line =~/^session (opened)?(\/)?(closed)? for user [a-zA-Z\d]+/) {
} else {
$data{$service}{'Unknown Entries'}{$line}++;
@@ -287,9 +294,28 @@ while ($line = <STDIN>) {
$data{$service}{'Not Identify Password For'}{$line}++;
} else {
$data{$service}{'Unknown Entries'}{$line}++;
- }
- } else {
- $data{$service}{'Unknown Entries'}{$line}++;
+ }
+ } elsif ($service eq 'polkit') {
+ if ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
+ } elsif ($line =~ s/^authentication failure; logname=(\S*) uid=(\d+) .*user=(\S*)$/$1($2) -> $3/) {
+ $data{$service}{'Authentication Failures'}{$line}++;
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
+ }
+ } elsif ($service eq 'virt-manager') {
+ if ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
+ }
+
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
}
}
distrib
>
Fedora
>
13
>
i386
>
media
>
updates-src
>
by-pkgid
>
8ff15aaec6aa7c6a6bfade293a2cfbaa
>
files
>
47
