Handle desktop-base and serveur-base as equivs

desktop-base.changelog

@@ -0,0 +1,34 @@
+desktop-base (1:0.4+evolix) stable; urgency=medium
+
+  * Handle as equivs
+
+ -- David Prévot <dprevot@evolix.fr>  Fri, 06 Jan 2023 16:19:38 +0100
+
+desktop-base (1:0.4) UNRELEASED; urgency=low
+
+  * Changes for stretch.
+
+ -- Gregory Colpart <reg@debian.org>  Fri, 01 Sep 2017 02:03:19 +0200
+
+desktop-base (1:0.3) UNRELEASED; urgency=low
+
+  * Add perl-doc.
+  * Add ssh-askpass.
+  * Add manpages-dev.
+  * Add xfce4-clipman-plugin.
+  * I use now an 'epoch'.
+  * Remove sudo.
+
+ -- Gregory Colpart <reg@debian.org>  Fri, 01 Sep 2017 02:00:29 +0200
+
+desktop-base (0.2) UNRELEASED; urgency=low
+
+  * I use now a "real" meta-package.
+
+ -- Gregory Colpart <reg@debian.org>  Sat, 15 Nov 2008 22:34:50 +0100
+
+desktop-base (0.0.1) UNRELEASED; urgency=low
+
+  * Initial release.
+
+ -- Gregory Colpart <reg@debian.org>  Tue,  5 Aug 2008 00:00:00 +0200

desktop-base.ctl

@@ -0,0 +1,7 @@
+Package: desktop-base
+Recommends: apg,apt-file,arping,asciidoc,audacious,bc,bsdgames,build-essential,devscripts,dlocate,dnsutils,docbook,docbook-xsl,elinks,ftp,git,gnupg,gpm,gv,hddtemp,hdparm,hevea,host,htop,firefox-esr,firefox-esr-l10n-fr,thunderbird,thunderbird-l10n-fr,ipcalc,irssi,keychain,ldap-utils,ldapvi,less,lftp,libnss-ldap,libpam-ldap,libtiff-tools,locate,lpr,lynx,manpages-dev,minicom,mtr,mutt,nfs-common,nmap,ntfs-3g,ntpdate,libreoffice,libreoffice-l10n-fr,openvpn,password-gorilla,pdftk,perl-doc,pidgin,postfix,procmail,rdesktop,rxvt-unicode,screen,ssh,ssh-askpass,sshfs,streamtuner,subversion,t1-cyrillic,tcpdump,telnet,texlive,texlive-latex-extra,traceroute,trickle,vim,vlc,whois,wodim,xfce4,xfce4-clipman-plugin,xpdf,xsane,xscreensaver,xtrlock,zip,sxiv,clusterssh
+Version: 1:0.4+evolix
+Description: Evolix 'desktop' installation components
+ This metapackage provides the essential components for
+ an installation of an Evolix desktop computer.
+Changelog: desktop-base.changelog

logcheck/evolix_courier

@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ authdaemond: pam_unix\(imap:auth\): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=

logcheck/evolix_iptables

@@ -0,0 +1,4 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[IPTABLES DROP\] : IN=eth[0-9] OUT= MAC=.*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[IPTABLES DROP\] : IN=.*DPT=22
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[0-9.]+\] \[IPTABLES DROP\] : IN=eth0 OUT= MAC=.*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[0-9.]+\] \[IPTABLES DROP\] : IN=.*DPT=22

logcheck/evolix_log2mail

@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ log2mail\[[0-9]+\]: Logfile [.[:alnum:]/]+ rotated. Listening to new file.$

logcheck/evolix_mysql

@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mysqld: [0-9]+ [ :0-9]{8} \[Warning\] Statement may not be safe to log in statement format.
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mysqld: [0-9]+ [ :0-9]{8} \[Warning\] Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT.

logcheck/evolix_nrpe

@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nrpe\[[0-9]+\]: Could not read request from client, bailing out...$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nrpe\[[0-9]+\]: INFO: SSL Socket Shutdown.$

logcheck/evolix_ntpd

@@ -0,0 +1,3 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: clock is now [[:alnum:]]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync status change 4001$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync status change 0001$

logcheck/evolix_php

@@ -0,0 +1,7 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - Include filename \([^)]+\) is an URL that is not allowed \(attacker.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_REQUEST' through POST variables \(attacker.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_GET' through POST variables \(attacker.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_SERVER\[\w+\]' through POST variables \(attacker.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - script tried to increase memory_limit to [0-9]+ bytes which is above the allowed value.+fcargoet.+google-sitemap-generator.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - ASCII-NUL chars not allowed within request variables.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - script tried to disable memory_limit by setting it to a negative value -1 bytes which is not allowed \(attacker '[A-Za-z0-9._ ]+', file '[A-Za-z0-9._/ ]+'\)$

logcheck/evolix_proftp

@@ -0,0 +1,3 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD killed \(signal 15\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD 1.3.1 standalone mode SHUTDOWN$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD 1.3.1 \(stable\) \(built Tue Oct 27 10:09:08 UTC 2009\) standalone mode STARTUP$

logcheck/evolix_rsync

@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: connect from [._[:alnum:]-]+ \([.[0-9]]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: rsync allowed access on module [a-z]+ from [._[:alnum:]-]+ \([.[0-9]]+\)$

logcheck/evolix_rsyslogd

@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: -- MARK --$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="3.18.6" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] restart$

logcheck/evolix_saslauthd

@@ -0,0 +1,4 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: Authentication failed for [.-\/[:alnum:]-]+: Bind to ldap server failed \(invalid user/password or insufficient access\) \(-7\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: do_auth         : auth failure: \[user=[.[:alnum:]-]+\] \[service=smtp\] \[realm=[.[:alnum:]-]*\] \[mech=(ldap|pam)\] \[reason=(Unknown|PAM auth error)\]$'
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: pam_unix\(smtp:auth\): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module$

logcheck/evolix_snmpd

@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snmpd\[[0-9]+\]: Connection from UDP:

logcheck/evolix_spamd

@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd.pid\[[0-9]+\]: spamd: restarting using '/usr/sbin/spamd --max-children 4 --ldap-config -x -u nobody -d --pidfile=/var/run/spamd.pid'$

logcheck/evolix_ssh

@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Received disconnect from [.0-9]+: 11:.*$

serveur-base.changelog

@@ -0,0 +1,69 @@
+serveur-base (0.5.0+evolix) stable; urgency=medium
+
+  * Handle as equivs
+
+ -- David Prévot <dprevot@evolix.fr>  Fri, 06 Jan 2023 16:19:38 +0100
+
+serveur-base (0.5.0) UNRELEASED; urgency=medium
+
+  * Release for Buster.
+
+ -- Gregory Colpart <reg@debian.org>  Mon, 10 Jul 2017 20:58:22 +0200
+
+serveur-base (0.4.0) UNRELEASED; urgency=medium
+
+  * Release for Stretch.
+
+ -- Gregory Colpart <reg@debian.org>  Mon, 10 Jul 2017 20:58:22 +0200
+
+serveur-base (0.3.4) UNRELEASED; urgency=medium
+
+  * Closes #1557: SSH Broken pipe when rebooting. Add libpam-systemd as depends.
+
+ -- Benoît SÉRIE <bserie@evolix.fr>  Tue, 29 Sep 2015 20:17:41 +0200
+
+serveur-base (0.3.3) UNRELEASED; urgency=low
+
+  * Fix bug: re-add "evocheck" in Depends.
+
+ -- Gregory Colpart <reg@debian.org>  Thu, 20 Aug 2015 20:53:56 +0200
+
+serveur-base (0.3.2) unstable; urgency=low
+
+  * Release for Jessie.
+  * Delete "apticron" in Depends. 
+
+ -- Gregory Colpart <reg@debian.org>  Fri, 07 Aug 2015 17:18:59 +0200
+
+serveur-base (0.3.1) UNRELEASED; urgency=low
+
+  * Improve logcheck rules + new Depends.
+
+ -- Gregory Colpart <reg@debian.org>  Sat, 15 Oct 2011 17:00:13 +0200
+
+serveur-base (0.3) UNRELEASED; urgency=low
+
+  * Prepare for Squeeze! 
+  * Use 'ntp' instead of 'openntpd' (see http://bugs.debian.org/306106) 
+  * Use now logcheck by default 
+
+ -- Gregory Colpart <reg@debian.org>  Thu, 25 Nov 2010 01:56:56 +0100
+
+serveur-base (0.2.1) UNRELEASED; urgency=low
+
+  * Add "evocheck" in Depends. 
+
+ -- Gregory Colpart <reg@debian.org>  Sun, 05 Jul 2009 13:00:41 +0200
+
+serveur-base (0.2) UNRELEASED; urgency=low
+
+  * I use now a "real" meta-package.
+  * Add "apticron" in Depends.
+
+ -- Gregory Colpart <reg@debian.org>  Sun,  9 Nov 2008 17:48:32 +0100
+
+serveur-base (0.0.1) UNRELEASED; urgency=low
+
+  * Initial release.
+
+ -- Gregory Colpart <reg@debian.org>  Tue,  2 Aug 2005 00:00:00 +0200

serveur-base.ctl

@@ -0,0 +1,21 @@
+Package: serveur-base
+Depends: ssh, vim, ntp, sudo, munin, munin-node, log2mail, less, bsd-mailx, logcheck, logcheck-database, screen, git, libpam-systemd
+Version: 0.5.0+evolix
+Description: Evolix 'serveur' installation components
+ This metapackage provides the essential components for
+ an installation of a Pack Evolix server.
+Files: logcheck/evolix_courier /etc/logcheck/ignore.d.server/
+ logcheck/evolix_iptables /etc/logcheck/ignore.d.server/
+ logcheck/evolix_log2mail /etc/logcheck/ignore.d.server/
+ logcheck/evolix_mysql /etc/logcheck/ignore.d.server/
+ logcheck/evolix_nrpe /etc/logcheck/ignore.d.server/
+ logcheck/evolix_ntpd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_php /etc/logcheck/ignore.d.server/
+ logcheck/evolix_proftp /etc/logcheck/ignore.d.server/
+ logcheck/evolix_rsync /etc/logcheck/ignore.d.server/
+ logcheck/evolix_rsyslogd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_saslauthd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_snmpd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_spamd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_ssh /etc/logcheck/ignore.d.server/
+Changelog: serveur-base.changelog