diff -up logwatch-7.3.6/scripts/services/secure.pom logwatch-7.3.6/scripts/services/secure
--- logwatch-7.3.6/scripts/services/secure.pom 2009-10-12 11:33:15.000000000 +0200
+++ logwatch-7.3.6/scripts/services/secure 2009-10-12 12:38:29.000000000 +0200
@@ -435,6 +435,9 @@ while (defined($ThisLine = <STDIN>)) {
} elsif ( ($User) = ($ThisLine =~ /useradd.*failed adding user `(.*)', data deleted/) ) {# failed adding user/)) {# (.*), data deleted/)) {
# useradd: failed adding user `rpcuser', data deleted
$FailedAddUsers{$User}++;
+ } elsif (($User,$Reason) = ($ThisLine =~ /dovecot-auth: pam_userdb\(dovecot:auth\): user `(.*)' denied access \((.*)\)/)) {
+ # dovecot-auth: pam_userdb(dovecot:auth): user `bobok' denied access (incorrect password)
+ $DeniedAccess{"$User,$Reason"}++;
} else {
# Unmatched entries...
$ThisLine =~ s/\[\d+\]:/:/;
@@ -535,6 +538,7 @@ if (keys %UnknownUser) {
if ($pwd_file_unknown > 0) {
print "\nUsers unknown in password database (pwd_file): $pwd_file_unknown\n";
}
+
if ($pwd_file_too_short > 0) {
print "\nPassword too short or NULL (pwd_file): $pwd_file_too_short Time(s)\n";
}
@@ -594,6 +598,14 @@ if (keys %{$FailedSaver}) {
}
}
+if (keys %DeniedAccess) {
+ print "\ndovecot-auth: Denied access\n";
+ foreach (keys %DeniedAccess) {
+ ($User,$Reason) = split ",";
+ print " for user " . $User . " (reason: " . $Reason . ") :" . $DeniedAccess{"$User,$Reason"} . " Time(s)\n";
+ }
+}
+
if (keys %NoIP) {
print "\nCouldn't get client IPs for connections to:\n";
foreach $ThisOne (sort {$a cmp $b} keys %NoIP) {
distrib
>
Fedora
>
13
>
i386
>
media
>
updates-src
>
by-pkgid
>
8ff15aaec6aa7c6a6bfade293a2cfbaa
>
files
>
55
