--- src/logcheck.orig 2023-03-02 08:19:09 UTC +++ src/logcheck @@ -24,16 +24,16 @@ if [ "$(id -u)" = 0 ]; then echo "logcheck should not be run as root. Use su to invoke logcheck:" - echo "su -s /bin/bash -c \"/usr/sbin/logcheck${*:+ $*}\" logcheck" + echo "su -m %%LOGCHECK_USER%% -c \"%%LOCALBASE%%/bin/bash %%LOCALBASE%%/sbin/logcheck${*:+ $*}\" logcheck" echo "Or use sudo: sudo -u logcheck logcheck${*:+ $*}." # you may want to uncomment that hack to let logcheck invoke itself. - # su -s /bin/bash -c "$0 $*" logcheck + # su -s %%LOCALBASE%%/bin/bash -c "$0 $*" logcheck exit 1 fi -if [ ! -f /usr/bin/lockfile-create ] || \ - [ ! -f /usr/bin/lockfile-remove ] || \ - [ ! -f /usr/bin/lockfile-touch ]; then +if [ ! -f %%LOCALBASE%%/bin/lockfile-create ] || \ + [ ! -f %%LOCALBASE%%/bin/lockfile-remove ] || \ + [ ! -f %%LOCALBASE%%/bin/lockfile-touch ]; then echo "fatal: lockfile-progs is a prerequisite for logcheck, but was not found." exit 1 fi @@ -71,13 +71,13 @@ EVENTSSUBJECT="System Events" ADDTAG="no" # Default paths -RULEDIR="/etc/logcheck" -CONFFILE="/etc/logcheck/logcheck.conf" -STATEDIR="/var/lib/logcheck" -LOGFILES_LIST="/etc/logcheck/logcheck.logfiles" -LOGFILES_LIST_D="/etc/logcheck/logcheck.logfiles.d" -LOGFILE_FALLBACK="/var/log/syslog" -LOGTAIL="/usr/sbin/logtail2" +RULEDIR="%%ETCDIR%%" +CONFFILE="%%ETCDIR%%/logcheck.conf" +STATEDIR="%%DBDIR%%" +LOGFILES_LIST="%%ETCDIR%%/logcheck.logfiles" +LOGFILES_LIST_D="%%ETCDIR%%/logcheck.logfiles.d" +LOGFILE_FALLBACK="/var/log/messages" +LOGTAIL="%%PREFIX%%/sbin/logtail2" SYSLOG_SUMMARY="/usr/bin/syslog-summary" # Defaults for options @@ -92,7 +92,7 @@ FQDN=0 SORTUNIQ=0 SUPPORT_CRACKING_IGNORE=0 SYSLOGSUMMARY=0 -LOCKDIR=/run/lock/logcheck +LOCKDIR=/var/run/logcheck LOCKFILE="$LOCKDIR/logcheck" # Allow globs to return zero files @@ -183,8 +183,8 @@ ${TMPDIR:+"- Check temporary directory: $TMPDIR" } - verify that the logcheck user can read all logfiles specified in; - /etc/logcheck/logcheck.logfiles - /etc/logcheck/logcheck.logfiled.d/*.logfiles + %%ETCDIR%%/logcheck.logfiles + %%ETCDIR%%/logcheck.logfiled.d/*.logfiles - check the system has enough space; (df -h output follows): $(df -h 2>&1|| :) - check the settings (environment follows): @@ -237,7 +237,7 @@ cleanrules() { error "Could not read $x" fi done - for rulefile in $(run-parts --list "$dir"); do + for rulefile in $(ls -1R "$dir"); do rulefile="$(basename "$rulefile")" if [ -f "${dir}/${rulefile}" ]; then debug "cleanrules: ${dir}/${rulefile} -> $cleaned/$rulefile" @@ -503,7 +503,7 @@ logoutput() { >> "$TMPDIR/report" || error "Could not write message about first-time check of journal to report" echo "Only recent entries (from the last 5 hours) will be checked" \ >> "$TMPDIR/report" || error "Could not write message about first-time check of journal to report" - echo "If you do not wish to check the systemd journal, please see /etc/logcheck/logcheck.logfiles.d/journal.logfiles" \ + echo "If you do not wish to check the systemd journal, please see %%ETCDIR%%/logcheck.logfiles.d/journal.logfiles" \ >> "$TMPDIR/report" || error "Could not write message about first-time check of journal to report" offsettime="--since=-5h" fi @@ -587,7 +587,7 @@ debug "Sourcing - $CONFFILE" # Now source the config file - before things that should not be changed if [ -r "$CONFFILE" ]; then - # shellcheck source=/etc/logcheck/logcheck.conf + # shellcheck source=%%ETCDIR%%/logcheck.conf . "$CONFFILE" elif [ -f "$CONFFILE" ]; then error "Config file $CONFFILE could not be read" @@ -618,9 +618,9 @@ fi # HOSTNAME is either 'fully qualified' or 'short' if [ "$FQDN" -eq 1 ]; then - HOSTNAME="$(hostname --fqdn 2>/dev/null)" + HOSTNAME="$(hostname -f 2>/dev/null)" else - HOSTNAME="$(hostname --short 2>/dev/null)" + HOSTNAME="$(hostname -s 2>/dev/null)" fi # Now check for the other options @@ -725,8 +725,8 @@ else fi # Create a secure temporary working directory (or exit) -TMPDIR="$(mktemp -d -p "${TMP:-/tmp}" logcheck.XXXXXX)" \ - || TMPDIR="$(mktemp -d -p /var/tmp logcheck.XXXXXX)" \ +TMPDIR="$(mktemp -d ${TMP:-/tmp}/logcheck.XXXXXX)" \ + || TMPDIR="$(mktemp -d /var/tmp/logcheck.XXXXXX)" \ || error "Could not create temporary directory" debug "Using working dir: $TMPDIR"