On Mon, 21 Jul 2008 13:40:41 +0200 martin f krafft <[EMAIL PROTECTED]> wrote:
> also sprach Pavlos Parissis <[EMAIL PROTECTED]> [2008.07.21.1147 +0200]: > > the issue resides in 3rd and 4th line, the - character should be > > : for matching user:root and root:user strings. > > So maybe su changed the format *again*. You should file a wishlist > bug asking for [-:] to be used instead of plain -, ideally providing > a patch against the git HEAD, along with sample log output. > Instructions and additional information are here: > > http://wiki.logcheck.org/index.cgi/RuleSubmission > http://logcheck.org/git.html Thanks Martin for the confirmation on the bug. I'll file the bug report against logcheck-database packages and not to logcheck because /etc/logcheck/violations.d/su is provided by logcheck-database. # dpkg -S /etc/logcheck/violations.d/su logcheck-database: /etc/logcheck/violations.d/su Unfortunately, I can't use git at the moment thus I will include the comments which I wrote in this thread. Cheers, Pavlos -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
