Configuring logcheck

Support for security such as Firewalls and securing linux
Post Reply
marathonman
Posts: 26
Joined: 2008/04/27 14:47:18
Location: Revere, MA

Configuring logcheck

Post by marathonman » 2008/06/06 00:12:21

I installed and configured portsentry. I then installed logcheck 1.2.24 and when I tried to run it I got an error message like "missing lockfile-progs."

The documentation is poor (unless I just haven't found it) and I can't get it to run from the command line. It did apparently run and send an email to root the first day after I installed and configured it.

Anyone know this problem or where I can find resources/documentation?

Thanks in advance.

Bruce

gerald_clark
Posts: 10642
Joined: 2005/08/05 15:19:54
Location: Northern Illinois, USA

Configuring logcheck

Post by gerald_clark » 2008/06/06 13:41:36

You don't say where you got portsentry or logcheck, or how they were installed.
http://wiki.centos.org/AdditionalResources/Repositories?action=show&redirect=Repositories

If you are grabbing incompatible rpms from the net, or compiling from sources, then
you need to do your own dependency resolution.

It looks like you are missing 'lockfile-progs", whatever they are.
You might look for a forum at site where you obtained these programs.

marathonman
Posts: 26
Joined: 2008/04/27 14:47:18
Location: Revere, MA

Re: Configuring logcheck

Post by marathonman » 2008/06/09 23:09:01

[quote]
gerald_clark wrote:
You don't say where you got portsentry or logcheck, or how they were installed.
http://wiki.centos.org/AdditionalResources/Repositories?action=show&redirect=Repositories[/quote]

I'm embarrased to say I'm not certain where I got portsentry. I thought it was at the Cisco site but I can't find it there now. My next-best guess is sourceforge. I got logcheck from alioth.debian.org, where I was led from the logcheck.org site.

I compiled them from source. I tried yum but couldn't find logcheck there.

[quote]
If you are grabbing incompatible rpms from the net, or compiling from sources, then
you need to do your own dependency resolution.[/quote]

How would I do my own dependency resolution? Can I backtrack and use rpm? I have version 1.2.45 (I erred in my original email) and the rpm files I find are version 1.1.1.

I'm also starting to wonder if logwatch will do the same job. I just want reports on portsentry activity.

[quote]
It looks like you are missing 'lockfile-progs", whatever they are.
You might look for a forum at site where you obtained these programs.[/quote]

There doesn't seem to be a lot of info available on logcheck. There's a list on MARC but outside of a logcheck developer's list I could only find one unanswered message on "lockfile-progs."

Post Reply

Return to “CentOS 4 - Security Support”