[Bug 247389] 800.loginfail and 900.tcpwrap (/etc/periodic/security) don't produce output

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=247389

            Bug ID: 247389
           Summary: 800.loginfail and 900.tcpwrap (/etc/periodic/security)
                    don't produce output
           Product: Base System
           Version: 12.1-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: conf
          Assignee: bugs at FreeBSD.org
          Reporter: xaphod at sdf.org

/etc/periodic/security/800.loginfail
/etc/periodic/security/900.tcpwrap

Perhaps it's just me missing the bleeding obvious, but these two scripts appear
to be wired backwards, and therefore don't produce output.  Also, the egrep
regex in 800.loginfail doesn't work for me either.  A quick edit & test... and
all appears to work as intended.

--- 800.loginfail-old   2019-10-19 19:05:16.208356000 +0000
+++ 800.loginfail       2020-06-18 18:24:45.772960000 +0000
@@ -46,7 +46,7 @@
 yesterday=`date -v-1d "+%b %e "`

 catmsgs() {
-       find ${LOG} -name 'auth.log.*' -mtime -2 |
+       find ${LOG} -name 'messages.*' -mtime -2 |
            sort -t. -r -n -k 2,2 |
            while read f
            do
@@ -55,7 +55,7 @@
                    *.bz2)      bzcat -f $f;;
                esac
            done
-       [ -f ${LOG}/auth.log ] && cat $LOG/auth.log
+       [ -f ${LOG}/messages ] && cat $LOG/messages
 }

 rc=0
@@ -64,7 +64,7 @@
 then
        echo ""
        echo "${host} login failures:"
-       n=$(catmsgs | egrep -ia "^$yesterday.*:
.*\b(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\b" |
+       n=$(catmsgs | egrep -ia "^$yesterday.*:
.*\<(fail(ures?|ed)?|invalid|bad|illegal|auth.*error)\>" |
            tee /dev/stderr | wc -l)
        [ $n -gt 0 ] && rc=1 || rc=0
 fi
--- 900.tcpwrap-old     2019-10-19 19:05:16.224470000 +0000
+++ 900.tcpwrap 2020-06-18 18:24:07.948855000 +0000
@@ -46,7 +46,7 @@
 yesterday=`date -v-1d "+%b %e "`

 catmsgs() {
-       find ${LOG} -name 'messages.*' -mtime -2 |
+       find ${LOG} -name 'auth.log.*' -mtime -2 |
            sort -t. -r -n -k 2,2 |
            while read f
            do
@@ -55,7 +55,7 @@
                    *.bz2)      bzcat -f $f;;
                esac
            done
-       [ -f ${LOG}/messages ] && cat $LOG/messages
+       [ -f ${LOG}/auth.log ] && cat $LOG/auth.log
 }

 rc=0

-- 
You are receiving this mail because:
You are the assignee for the bug.