diff --git a/desktop-base.changelog b/desktop-base.changelog
new file mode 100644
index 0000000..954222f
--- /dev/null
+++ b/desktop-base.changelog
@@ -0,0 +1,34 @@
+desktop-base (1:0.4+evolix) stable; urgency=medium
+
+ * Handle as equivs
+
+ -- David Prévot Fri, 06 Jan 2023 16:19:38 +0100
+
+desktop-base (1:0.4) UNRELEASED; urgency=low
+
+ * Changes for stretch.
+
+ -- Gregory Colpart Fri, 01 Sep 2017 02:03:19 +0200
+
+desktop-base (1:0.3) UNRELEASED; urgency=low
+
+ * Add perl-doc.
+ * Add ssh-askpass.
+ * Add manpages-dev.
+ * Add xfce4-clipman-plugin.
+ * I use now an 'epoch'.
+ * Remove sudo.
+
+ -- Gregory Colpart Fri, 01 Sep 2017 02:00:29 +0200
+
+desktop-base (0.2) UNRELEASED; urgency=low
+
+ * I use now a "real" meta-package.
+
+ -- Gregory Colpart Sat, 15 Nov 2008 22:34:50 +0100
+
+desktop-base (0.0.1) UNRELEASED; urgency=low
+
+ * Initial release.
+
+ -- Gregory Colpart Tue, 5 Aug 2008 00:00:00 +0200
diff --git a/desktop-base.ctl b/desktop-base.ctl
new file mode 100644
index 0000000..f3ef3e0
--- /dev/null
+++ b/desktop-base.ctl
@@ -0,0 +1,7 @@
+Package: desktop-base
+Recommends: apg,apt-file,arping,asciidoc,audacious,bc,bsdgames,build-essential,devscripts,dlocate,dnsutils,docbook,docbook-xsl,elinks,ftp,git,gnupg,gpm,gv,hddtemp,hdparm,hevea,host,htop,firefox-esr,firefox-esr-l10n-fr,thunderbird,thunderbird-l10n-fr,ipcalc,irssi,keychain,ldap-utils,ldapvi,less,lftp,libnss-ldap,libpam-ldap,libtiff-tools,locate,lpr,lynx,manpages-dev,minicom,mtr,mutt,nfs-common,nmap,ntfs-3g,ntpdate,libreoffice,libreoffice-l10n-fr,openvpn,password-gorilla,pdftk,perl-doc,pidgin,postfix,procmail,rdesktop,rxvt-unicode,screen,ssh,ssh-askpass,sshfs,streamtuner,subversion,t1-cyrillic,tcpdump,telnet,texlive,texlive-latex-extra,traceroute,trickle,vim,vlc,whois,wodim,xfce4,xfce4-clipman-plugin,xpdf,xsane,xscreensaver,xtrlock,zip,sxiv,clusterssh
+Version: 1:0.4+evolix
+Description: Evolix 'desktop' installation components
+ This metapackage provides the essential components for
+ an installation of an Evolix desktop computer.
+Changelog: desktop-base.changelog
diff --git a/logcheck/evolix_courier b/logcheck/evolix_courier
new file mode 100644
index 0000000..aaa1ae0
--- /dev/null
+++ b/logcheck/evolix_courier
@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ authdaemond: pam_unix\(imap:auth\): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
diff --git a/logcheck/evolix_iptables b/logcheck/evolix_iptables
new file mode 100644
index 0000000..71469a9
--- /dev/null
+++ b/logcheck/evolix_iptables
@@ -0,0 +1,4 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[IPTABLES DROP\] : IN=eth[0-9] OUT= MAC=.*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[IPTABLES DROP\] : IN=.*DPT=22
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[0-9.]+\] \[IPTABLES DROP\] : IN=eth0 OUT= MAC=.*
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[0-9.]+\] \[IPTABLES DROP\] : IN=.*DPT=22
diff --git a/logcheck/evolix_log2mail b/logcheck/evolix_log2mail
new file mode 100644
index 0000000..9141c22
--- /dev/null
+++ b/logcheck/evolix_log2mail
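Review bot: The single rule in logcheck/evolix_courier stops at `rhost=` with no `$` anchor, so it silences every `pam_unix(imap:auth)` authentication failure regardless of remote host or user, and repeated password guessing against IMAP disappears from the logcheck report. If that is a deliberate noise cut, the file should say so and name what covers these events instead; logcheck skips lines starting with `#`, so a leading comment such as `# IMAP auth failures are handled by the rate-limiting/ban tooling, not by logcheck` would record the decision. The `pam_unix(smtp:auth)` rule in logcheck/evolix_saslauthd has the same shape and deserves the same comment.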
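Review bot: In logcheck/evolix_iptables the two `IN=.*DPT=22` rules have nothing after `22`, so they also match dropped packets to any port that merely starts with 22 (220, 2222, 22000 and so on), which hides more firewall drops than the rule name suggests. Ending the pattern with the field delimiter, `IN=.*DPT=22 `, limits it to port 22. The interface match is also inconsistent between the two log formats: the first rule uses `IN=eth[0-9]` while the timestamped variant uses `IN=eth0`; using `eth[0-9]` in both would keep them equivalent.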
@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ log2mail\[[0-9]+\]: Logfile [.[:alnum:]/]+ rotated. Listening to new file.$
diff --git a/logcheck/evolix_mysql b/logcheck/evolix_mysql
new file mode 100644
index 0000000..7798118
--- /dev/null
+++ b/logcheck/evolix_mysql
@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mysqld: [0-9]+ [ :0-9]{8} \[Warning\] Statement may not be safe to log in statement format.
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mysqld: [0-9]+ [ :0-9]{8} \[Warning\] Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT.
diff --git a/logcheck/evolix_nrpe b/logcheck/evolix_nrpe
new file mode 100644
index 0000000..57a079d
--- /dev/null
+++ b/logcheck/evolix_nrpe
@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nrpe\[[0-9]+\]: Could not read request from client, bailing out...$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nrpe\[[0-9]+\]: INFO: SSL Socket Shutdown.$
diff --git a/logcheck/evolix_ntpd b/logcheck/evolix_ntpd
new file mode 100644
index 0000000..833ac1f
--- /dev/null
+++ b/logcheck/evolix_ntpd
@@ -0,0 +1,3 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: clock is now [[:alnum:]]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync status change 4001$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync status change 0001$
diff --git a/logcheck/evolix_php b/logcheck/evolix_php
new file mode 100644
index 0000000..ea9a894
--- /dev/null
+++ b/logcheck/evolix_php
@@ -0,0 +1,7 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - Include filename \([^)]+\) is an URL that is not allowed \(attacker.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_REQUEST' through POST variables \(attacker.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_GET' through POST variables \(attacker.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_SERVER\[\w+\]' through POST variables \(attacker.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - script tried to increase memory_limit to [0-9]+ bytes which is above the allowed value.+fcargoet.+google-sitemap-generator.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - ASCII-NUL chars not allowed within request variables.+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - script tried to disable memory_limit by setting it to a negative value -1 bytes which is not allowed \(attacker '[A-Za-z0-9._ ]+', file '[A-Za-z0-9._/ ]+'\)$
diff --git a/logcheck/evolix_proftp b/logcheck/evolix_proftp
new file mode 100644
index 0000000..810a372
--- /dev/null
+++ b/logcheck/evolix_proftp
@@ -0,0 +1,3 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD killed \(signal 15\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD 1.3.1 standalone mode SHUTDOWN$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD 1.3.1 \(stable\) \(built Tue Oct 27 10:09:08 UTC 2009\) standalone mode STARTUP$
diff --git a/logcheck/evolix_rsync b/logcheck/evolix_rsync
new file mode 100644
index 0000000..20f8ad6
--- /dev/null
+++ b/logcheck/evolix_rsync
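Review bot: Most rules in logcheck/evolix_php end in `\(attacker.+$` or `.+$`, so they discard the whole Suhosin ALERT including the source address and script path, for every site on every server that installs this package. Rule 5 additionally hard-codes `fcargoet.+google-sitemap-generator`, which looks like one account's path and is unlikely to belong in a shared rule set. A `#` comment above each group stating why the alert is considered noise and where these events are still counted would make the suppression reviewable, and the site-specific rule would be better placed in a local ignore file on the host it concerns.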
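Review bot: The SHUTDOWN and STARTUP rules in logcheck/evolix_proftp pin `ProFTPD 1.3.1` and the exact build stamp `built Tue Oct 27 10:09:08 UTC 2009`, so they only match that one binary and are dead on any other ProFTPD build; the dots in `1.3.1` are also unescaped. A version-agnostic form such as `ProFTPD [0-9.]+[[:alnum:]]* standalone mode SHUTDOWN$` and `ProFTPD [0-9.]+[[:alnum:]]* \([^)]+\) \(built [^)]+\) standalone mode STARTUP$` would keep working across upgrades. The same pinning appears in logcheck/evolix_rsyslogd (`swVersion="3.18.6"`) and in the full command line in logcheck/evolix_spamd.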
@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: connect from [._[:alnum:]-]+ \([.[0-9]]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: rsync allowed access on module [a-z]+ from [._[:alnum:]-]+ \([.[0-9]]+\)$
diff --git a/logcheck/evolix_rsyslogd b/logcheck/evolix_rsyslogd
new file mode 100644
index 0000000..19915e4
--- /dev/null
+++ b/logcheck/evolix_rsyslogd
@@ -0,0 +1,2 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: -- MARK --$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="3.18.6" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] restart$
diff --git a/logcheck/evolix_saslauthd b/logcheck/evolix_saslauthd
new file mode 100644
index 0000000..a19c8b4
--- /dev/null
+++ b/logcheck/evolix_saslauthd
@@ -0,0 +1,4 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: Authentication failed for [.-\/[:alnum:]-]+: Bind to ldap server failed \(invalid user/password or insufficient access\) \(-7\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: do_auth : auth failure: \[user=[.[:alnum:]-]+\] \[service=smtp\] \[realm=[.[:alnum:]-]*\] \[mech=(ldap|pam)\] \[reason=(Unknown|PAM auth error)\]$'
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: pam_unix\(smtp:auth\): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module$
diff --git a/logcheck/evolix_snmpd b/logcheck/evolix_snmpd
new file mode 100644
index 0000000..3c7b567
--- /dev/null
+++ b/logcheck/evolix_snmpd
@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snmpd\[[0-9]+\]: Connection from UDP:
diff --git a/logcheck/evolix_spamd b/logcheck/evolix_spamd
new file mode 100644
index 0000000..1fcb48e
--- /dev/null
+++ b/logcheck/evolix_spamd
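Review bot: Both rules in logcheck/evolix_rsync end with `\([.[0-9]]+\)`, which a POSIX regex reads as the bracket set `[.[0-9]` followed by one or more literal `]`, so the pattern cannot match a dotted IPv4 address in parentheses and neither rule will ever suppress anything. The intended class is most likely `\([.0-9]+\)`, the form logcheck/evolix_ssh already uses for addresses. Running each rule file against a sample log line with `grep -E -f` before shipping would catch this kind of dead pattern.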
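Review bot: The second rule in logcheck/evolix_saslauthd ends in `\]$'`; the stray apostrophe after the `$` anchor means the pattern can never match, so the `do_auth : auth failure` lines it targets will still be reported. Dropping the quote, `\[reason=(Unknown|PAM auth error)\]$`, fixes it. In the first rule the class `[.-\/[:alnum:]-]` contains `.-\`, which bracket syntax treats as a range from `.` to `\` rather than three literal characters, so it accepts more than intended; `[./[:alnum:]-]` is probably what was meant.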
@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd.pid\[[0-9]+\]: spamd: restarting using '/usr/sbin/spamd --max-children 4 --ldap-config -x -u nobody -d --pidfile=/var/run/spamd.pid'$
diff --git a/logcheck/evolix_ssh b/logcheck/evolix_ssh
new file mode 100644
index 0000000..d2e6638
--- /dev/null
+++ b/logcheck/evolix_ssh
@@ -0,0 +1 @@
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Received disconnect from [.0-9]+: 11:.*$
diff --git a/serveur-base.changelog b/serveur-base.changelog
new file mode 100644
index 0000000..4e59d21
--- /dev/null
+++ b/serveur-base.changelog
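Review bot: The rule in logcheck/evolix_ssh expects `from [.0-9]+: 11:`, that is an IPv4 address immediately followed by a colon, so it will not match IPv6 peers, and it probably will not match sshd builds that log the peer port between the address and the reason code. If the package targets the releases named in the changelog, the pattern should be checked against a current sshd log line; something like `Received disconnect from [:.[:xdigit:]]+( port [0-9]+)?: ?11:.*$` would cover both layouts. As written the rule is likely inert rather than harmful, but an inert ignore rule gives a false impression of what is filtered.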
@@ -0,0 +1,69 @@
+serveur-base (0.5.0+evolix) stable; urgency=medium
+
+ * Handle as equivs
+
+ -- David Prévot Fri, 06 Jan 2023 16:19:38 +0100
+
+serveur-base (0.5.0) UNRELEASED; urgency=medium
+
+ * Release for Buster.
+
+ -- Gregory Colpart Mon, 10 Jul 2017 20:58:22 +0200
+
+serveur-base (0.4.0) UNRELEASED; urgency=medium
+
+ * Release for Stretch.
+
+ -- Gregory Colpart Mon, 10 Jul 2017 20:58:22 +0200
+
+serveur-base (0.3.4) UNRELEASED; urgency=medium
+
+ * Closes #1557: SSH Broken pipe when rebooting. Add libpam-systemd as depends.
+
+ -- Benoît SÉRIE Tue, 29 Sep 2015 20:17:41 +0200
+
+serveur-base (0.3.3) UNRELEASED; urgency=low
+
+ * Fix bug: re-add "evocheck" in Depends.
+
+ -- Gregory Colpart Thu, 20 Aug 2015 20:53:56 +0200
+
+serveur-base (0.3.2) unstable; urgency=low
+
+ * Release for Jessie.
+ * Delete "apticron" in Depends.
+
+ -- Gregory Colpart Fri, 07 Aug 2015 17:18:59 +0200
+
+serveur-base (0.3.1) UNRELEASED; urgency=low
+
+ * Improve logcheck rules + new Depends.
+
+ -- Gregory Colpart Sat, 15 Oct 2011 17:00:13 +0200
+
+serveur-base (0.3) UNRELEASED; urgency=low
+
+ * Prepare for Squeeze!
+ * Use 'ntp' instead of 'openntpd' (see http://bugs.debian.org/306106)
+ * Use now logcheck by default
+
+ -- Gregory Colpart Thu, 25 Nov 2010 01:56:56 +0100
+
+serveur-base (0.2.1) UNRELEASED; urgency=low
+
+ * Add "evocheck" in Depends.
+
+ -- Gregory Colpart Sun, 05 Jul 2009 13:00:41 +0200
+
+serveur-base (0.2) UNRELEASED; urgency=low
+
+ * I use now a "real" meta-package.
+ * Add "apticron" in Depends.
+
+ -- Gregory Colpart Sun, 9 Nov 2008 17:48:32 +0100
+
+serveur-base (0.0.1) UNRELEASED; urgency=low
+
+ * Initial release.
+
+ -- Gregory Colpart Tue, 2 Aug 2005 00:00:00 +0200
diff --git a/serveur-base.ctl b/serveur-base.ctl
new file mode 100644
index 0000000..c6dca1b
--- /dev/null
+++ b/serveur-base.ctl
@@ -0,0 +1,21 @@
+Package: serveur-base
+Depends: ssh, vim, ntp, sudo, munin, munin-node, log2mail, less, bsd-mailx, logcheck, logcheck-database, screen, git, libpam-systemd
+Version: 0.5.0+evolix
+Description: Evolix 'serveur' installation components
+ This metapackage provides the essential components for
+ an installation of a Pack Evolix server.
+Files: logcheck/evolix_courier /etc/logcheck/ignore.d.server/
+ logcheck/evolix_iptables /etc/logcheck/ignore.d.server/
+ logcheck/evolix_log2mail /etc/logcheck/ignore.d.server/
+ logcheck/evolix_mysql /etc/logcheck/ignore.d.server/
+ logcheck/evolix_nrpe /etc/logcheck/ignore.d.server/
+ logcheck/evolix_ntpd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_php /etc/logcheck/ignore.d.server/
+ logcheck/evolix_proftp /etc/logcheck/ignore.d.server/
+ logcheck/evolix_rsync /etc/logcheck/ignore.d.server/
+ logcheck/evolix_rsyslogd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_saslauthd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_snmpd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_spamd /etc/logcheck/ignore.d.server/
+ logcheck/evolix_ssh /etc/logcheck/ignore.d.server/
+Changelog: serveur-base.changelog