by default, logcheck's ignore rule seems to be matched for Linux's log message. I noticed that some libpam messages are not same between Linux's and FreeBSD's. from Linux's libpam... case PAM_AUTH_ERR: return _("Authentication failure"); case PAM_USER_UNKNOWN: return _("User not known to the underlying authentication module"); from FreeBSD's libpam... case PAM_AUTH_ERR: return ("authentication error"); case PAM_USER_UNKNOWN: return ("unknown user"); Fix: attached patch fixes this problem, I think. Patch attached with submission follows:
Responsible Changed From-To: freebsd-ports-bugs->glarking Fix synopsis and assign.
Responsible Changed From-To: glarking->glarkin fix assignment.
State Changed From-To: open->closed Committed, thank you!
glarkin 2011-11-23 19:37:24 UTC FreeBSD ports repository Modified files: security/logcheck Makefile Added files: security/logcheck/files patch-rulefiles__linux__ignore.d.server__ssh Log: - Updated the PAM ssh rule file to match messages emitted on FreeBSD vs. the Linux messages contained in the distro rule file - Bumped PORTREVISION PR: ports/162330 Submitted by: Shuichi KITAGUCHI <ki@hh.iij4u.or.jp> Feature safe: yes Revision Changes Path 1.36 +4 -0 ports/security/logcheck/Makefile 1.1 +13 -0 ports/security/logcheck/files/patch-rulefiles__linux__ignore.d.server__ssh (new) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"