- 追加された行はこの色です。
- 削除された行はこの色です。
#author("2021-08-24T06:23:24+09:00","default:kuji","kuji")
#author("2021-08-26T08:57:32+09:00","default:kuji","kuji")
CONTENTS
#contents
----
Lastmodified &lastmod;
----
*logcheck [#r77221cd]
【参考URL】https://bellett.moe.hm/index.php/2018/06/26/freebsd-11-install-logcheck/
portupgrade -ar --batch をした後から、一時間に1回程度の割合で以下の様なメールが着信するようになった。
From: Cron Daemon <logcheck@sun1.smb.net>
To: root@sun1.smb.net
Subject: Cron <logcheck@sun1> if [ -x /usr/local/sbin/logcheck ]; then nice -n10 /usr/local/sbin/logcheck; fi
ls: /usr/local/etc/logcheck/cracking.d: Permission denied
ls: /usr/local/etc/logcheck/violations.d: Permission denied
ls: /usr/local/etc/logcheck/violations.ignore.d: Permission denied
ls: /usr/local/etc/logcheck/ignore.d.server: Permission denied
ls: /usr/local/etc/logcheck/ignore.d.paranoid: Permission denied
コンソールからコマンドを打つと
# root@sun1:/var/log:21_08_18:9:50 # su -m logcheck -c "/usr/local/bin/bash /usr/local/sbin/logcheck"
ls: /usr/local/etc/logcheck/cracking.d: Permission denied
ls: /usr/local/etc/logcheck/violations.d: Permission denied
ls: /usr/local/etc/logcheck/violations.ignore.d: Permission denied
ls: /usr/local/etc/logcheck/ignore.d.server: Permission denied
ls: /usr/local/etc/logcheck/ignore.d.paranoid: Permission denied
と表示される。
ので、
# chown -R root:logcheck /usr/local/etc/logcheck
した。
毎時のpermission エラー は抑制されるが、さらに
# chown root:logcheck /var/log/auth.log
# chmod 640 /var/log/auth.log
/etc/mail/aliases
logcheck: root
# newaliases
----
/etc/mail/aliases へ
logcheck: root
というエイリアスを作成(書き込み)して、次のワンライナーを実行するヨロシ
newaliases && chown -R root:logcheck /usr/local/etc/logcheck && chown root:logcheck /var/log/auth.log && chmod 640 /var/log/auth.log && su -m logcheck -c "/usr/local/bin/bash /usr/local/sbin/logcheck"
root@kuji:~:21_08_26:8:36 # su -m logcheck -c "/usr/local/bin/bash /usr/local/sbin/logcheck"
ls: /usr/local/etc/logcheck/cracking.d: Permission denied
ls: /usr/local/etc/logcheck/violations.d: Permission denied
ls: /usr/local/etc/logcheck/violations.ignore.d: Permission denied
ls: /usr/local/etc/logcheck/ignore.d.server: Permission denied
ls: /usr/local/etc/logcheck/ignore.d.paranoid: Permission denied
root@kuji:~:21_08_26:8:37 # chown -R root:logcheck /usr/local/etc/logcheck
root@kuji:~:21_08_26:8:37 # su -m logcheck -c "/usr/local/bin/bash /usr/local/sbin/logcheck"
root@kuji:~:21_08_26:8:37 # chown root:logcheck /var/log/auth.log
root@kuji:~:21_08_26:8:37 # chmod 640 /var/log/auth.log
root@kuji:~:21_08_26:8:38 # newaliases
root@kuji:~:21_08_26:8:38 # newaliases
root@kuji:~:21_08_26:8:38 # su -m logcheck -c "/usr/local/bin/bash /usr/local/sbin/logcheck"
----
Total access &counter(total);:本日 &counter(today);:昨日 &counter(yesterday);
#counter([total|today|yesterday]);