Bug 62787
Summary: | sshd Unmatched Entries run together in 2.6-1 | ||||||
---|---|---|---|---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Chris Rode <electro> | ||||
Component: | logwatch | Assignee: | Elliot Lee <sopwith> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | 7.2 | CC: | abartlet, bernd.bartmann, bugs.michael, paul | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | noarch | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2002-04-15 17:42:28 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Chris Rode
2002-04-05 16:51:56 UTC
Created attachment 52508 [details]
proposed bug fix
Please treat this with fairly high priority - it makes logwatch unusable and is trivial to fix. Likewise it messes up sudo logs - where I would normally see a long string of similar commands (becouse thats what I was doing) I get an unreadable single line (wrapped by my MUA) unreadable log. I agree, this needs a new errta, and soon! It's a second bug in the handling of secure.log. My patch addresses both problems. Another thing I noticed after applying the logwatch update, is that all date and time informations are removed in the logwatch mails. Is this intended? I think I would be really much better to get the complete informations from the log files as it was before the update. I'm not sure why it changed, but i find it much easier to read without the times. If you need exact times, you can always go to the logfile itself to get them. Perhaps an option to select the behaviour would be a good idea. while (defined($ThisLine = <STDIN>)) { chomp($ThisLine); $ThisLine =~ s/^... .. ..:..:.. [^ ]+ //; This is from /etc/log.d/scripts/services/secure, which handles /var/log/secure. Here, newline, date, and PID are cut off when they match above format. It fails to cut off entries like name[pid] or name(component)[pid], though. The ChangeLog doesn't mention a clean-up job like this. But I would assume it intends to increase readability. You want unusual information. Dates and PIDs are not unusual. Hence they get dropped. Patch applied in 2.6-2 Where is the Rawhide version? It's not at ftp://ftp.redhat.com/pub/redhat/linux/rawhide/i386/RedHat/RPMS/. rawhide is not currently being pushed to the FTP site. No idea when it is coming back. The package would be there though, honest. :) |