Browse Source

Oops, use the *last* version of serveur-base package

jessie-dev-packproxy
Gregory Colpart 7 years ago
parent
commit
853300450d
  1. 4
      .gitignore
  2. 24
      serveur-base/debian/changelog
  3. 2
      serveur-base/debian/control
  4. 1
      serveur-base/debian/files
  5. 1
      serveur-base/debian/logcheck/evolix_courier
  6. 4
      serveur-base/debian/logcheck/evolix_iptables
  7. 1
      serveur-base/debian/logcheck/evolix_log2mail
  8. 2
      serveur-base/debian/logcheck/evolix_mysql
  9. 2
      serveur-base/debian/logcheck/evolix_nrpe
  10. 3
      serveur-base/debian/logcheck/evolix_ntpd
  11. 7
      serveur-base/debian/logcheck/evolix_php
  12. 3
      serveur-base/debian/logcheck/evolix_proftp
  13. 2
      serveur-base/debian/logcheck/evolix_rsync
  14. 2
      serveur-base/debian/logcheck/evolix_rsyslogd
  15. 4
      serveur-base/debian/logcheck/evolix_saslauthd
  16. 1
      serveur-base/debian/logcheck/evolix_snmpd
  17. 1
      serveur-base/debian/logcheck/evolix_spamd
  18. 1
      serveur-base/debian/logcheck/evolix_ssh
  19. 2
      serveur-base/debian/rules

4
.gitignore

@ -1,5 +1,5 @@
install-evolinux.sh
serveur-base_0.2_*
serveur-base_0.2\.*
serveur-base_*
serveur-base/build-stamp
serveur-base/debian/serveur-base*
serveur-base/debian/files

24
serveur-base/debian/changelog

@ -1,10 +1,30 @@
serveur-base (0.2.1) UNRELEASED; urgency=low
serveur-base (0.3.2) UNRELEASED; urgency=low
* Release fort Jessie.
* Release for Jessie.
* Delete "apticron" in Depends.
-- Gregory Colpart <reg@debian.org> Fri, 07 Aug 2015 17:18:59 +0200
serveur-base (0.3.1) UNRELEASED; urgency=low
* Improve logcheck rules + new Depends.
-- Gregory Colpart <reg@debian.org> Sat, 15 Oct 2011 17:00:13 +0200
serveur-base (0.3) UNRELEASED; urgency=low
* Prepare for Squeeze!
* Use 'ntp' instead of 'openntpd' (see http://bugs.debian.org/306106)
* Use now logcheck by default
-- Gregory Colpart <reg@debian.org> Thu, 25 Nov 2010 01:56:56 +0100
serveur-base (0.2.1) UNRELEASED; urgency=low
* Add "evocheck" in Depends.
-- Gregory Colpart <reg@debian.org> Sun, 05 Jul 2009 13:00:41 +0200
serveur-base (0.2) UNRELEASED; urgency=low
* I use now a "real" meta-package.

2
serveur-base/debian/control

@ -7,7 +7,7 @@ Build-Depends: debhelper
Package: serveur-base
Architecture: all
Depends: ssh, vim, quota, quotatool, ntpdate, ntp, sudo, munin, munin-node, log2mail, less, bsd-mailx, apt-listchanges, logcheck, logcheck-database, ${misc:Depends}
Depends: ssh, vim, ntp, sudo, munin, munin-node, log2mail, less, bsd-mailx, apt-listchanges, logcheck, logcheck-database, screen, git, ${misc:Depends}
Description: Evolix 'serveur' installation components
This metapackage provides the essential components for
an installation of a Pack Evolix server.

1
serveur-base/debian/files

@ -1 +0,0 @@
serveur-base_0.2.1_all.deb misc optional

1
serveur-base/debian/logcheck/evolix_courier

@ -0,0 +1 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ authdaemond: pam_unix\(imap:auth\): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=

4
serveur-base/debian/logcheck/evolix_iptables

@ -0,0 +1,4 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[IPTABLES DROP\] : IN=eth[0-9] OUT= MAC=.*
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[IPTABLES DROP\] : IN=.*DPT=22
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[0-9.]+\] \[IPTABLES DROP\] : IN=eth0 OUT= MAC=.*
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ kernel: \[[0-9.]+\] \[IPTABLES DROP\] : IN=.*DPT=22

1
serveur-base/debian/logcheck/evolix_log2mail

@ -0,0 +1 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ log2mail\[[0-9]+\]: Logfile [.[:alnum:]/]+ rotated. Listening to new file.$

2
serveur-base/debian/logcheck/evolix_mysql

@ -0,0 +1,2 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mysqld: [0-9]+ [ :0-9]{8} \[Warning\] Statement may not be safe to log in statement format.
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ mysqld: [0-9]+ [ :0-9]{8} \[Warning\] Unsafe statement written to the binary log using statement format since BINLOG_FORMAT = STATEMENT.

2
serveur-base/debian/logcheck/evolix_nrpe

@ -0,0 +1,2 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nrpe\[[0-9]+\]: Could not read request from client, bailing out...$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nrpe\[[0-9]+\]: INFO: SSL Socket Shutdown.$

3
serveur-base/debian/logcheck/evolix_ntpd

@ -0,0 +1,3 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: clock is now [[:alnum:]]+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync status change 4001$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\[[0-9]+\]: kernel time sync status change 0001$

7
serveur-base/debian/logcheck/evolix_php

@ -0,0 +1,7 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - Include filename \([^)]+\) is an URL that is not allowed \(attacker.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_REQUEST' through POST variables \(attacker.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_GET' through POST variables \(attacker.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - tried to register forbidden variable '_SERVER\[\w+\]' through POST variables \(attacker.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - script tried to increase memory_limit to [0-9]+ bytes which is above the allowed value.+fcargoet.+google-sitemap-generator.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - ASCII-NUL chars not allowed within request variables.+$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ suhosin\[[0-9]+\]: ALERT - script tried to disable memory_limit by setting it to a negative value -1 bytes which is not allowed \(attacker '[A-Za-z0-9._ ]+', file '[A-Za-z0-9._/ ]+'\)$

3
serveur-base/debian/logcheck/evolix_proftp

@ -0,0 +1,3 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD killed \(signal 15\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD 1.3.1 standalone mode SHUTDOWN$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ proftpd\[[0-9]+\]: [._[:alnum:]-]+ - ProFTPD 1.3.1 \(stable\) \(built Tue Oct 27 10:09:08 UTC 2009\) standalone mode STARTUP$

2
serveur-base/debian/logcheck/evolix_rsync

@ -0,0 +1,2 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: connect from [._[:alnum:]-]+ \([.[0-9]]+\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyncd\[[0-9]+\]: rsync allowed access on module [a-z]+ from [._[:alnum:]-]+ \([.[0-9]]+\)$

2
serveur-base/debian/logcheck/evolix_rsyslogd

@ -0,0 +1,2 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: -- MARK --$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ rsyslogd: \[origin software="rsyslogd" swVersion="3.18.6" x-pid="[0-9]+" x-info="http://www.rsyslog.com"\] restart$

4
serveur-base/debian/logcheck/evolix_saslauthd

@ -0,0 +1,4 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: Authentication failed for [.-\/[:alnum:]-]+: Bind to ldap server failed \(invalid user/password or insufficient access\) \(-7\)$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: do_auth : auth failure: \[user=[.[:alnum:]-]+\] \[service=smtp\] \[realm=[.[:alnum:]-]*\] \[mech=(ldap|pam)\] \[reason=(Unknown|PAM auth error)\]$'
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: pam_unix\(smtp:auth\): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ saslauthd\[[0-9]+\]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module$

1
serveur-base/debian/logcheck/evolix_snmpd

@ -0,0 +1 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ snmpd\[[0-9]+\]: Connection from UDP:

1
serveur-base/debian/logcheck/evolix_spamd

@ -0,0 +1 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ spamd.pid\[[0-9]+\]: spamd: restarting using '/usr/sbin/spamd --max-children 4 --ldap-config -x -u nobody -d --pidfile=/var/run/spamd.pid'$

1
serveur-base/debian/logcheck/evolix_ssh

@ -0,0 +1 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Received disconnect from [.0-9]+: 11:.*$

2
serveur-base/debian/rules

@ -24,6 +24,8 @@ install: build
dh_testroot
dh_clean -k
dh_installdirs
mkdir -p debian/serveur-base/etc/logcheck/ignore.d.server
cp -a debian/logcheck/evolix_* debian/serveur-base/etc/logcheck/ignore.d.server/
# Build architecture-independent files here.
binary-arch: build install
# We have nothing to do by default.

Loading…
Cancel
Save