[Logwatch] Cannot get logwatch to run on Solaris 7

Mark D. Nagel mnagel@willingminds.com
Tue, 25 Jun 2002 08:23:20 -0700


> bash-2.05# /etc/log.d/scripts/logwatch.pl
> id: illegal option -- u
> Usage: id [user]
>        id -a [user]
> id: illegal option -- g
> Usage: id [user]
>        id -a [user]
> chown: unknown user id .
> Argument "" isn't numeric in numeric eq (==) at ./scripts/logwatch.pl line
460.
> Argument "" isn't numeric in numeric eq (==) at ./scripts/logwatch.pl line
463.
> /tmplogwatch.3227 not owned by GID  (somebody is attempting a root
exploit!)

The script is using "nonstandard" flags to id.  The better answer is, fix
the script to use builtin uid/gid variables and avoid the unnecessary forks
altogether:

*** logwatch.pl.orig    Tue Jun 25 08:22:15 2002
--- logwatch.pl Tue Jun 25 08:22:55 2002
***************
*** 438,447 ****
        print "\nMade Temp Dir: " . $TempDir . " with mktemp\n";
     }
  } else {
!    my $uid = `id -u`;
!    my $gid = `id -g`;
!    chomp($uid);
!    chomp($gid);

     # Create the temporary directory...
     $TempDir = $Config{'tmpdir'} . "logwatch." . $$;
--- 438,445 ----
        print "\nMade Temp Dir: " . $TempDir . " with mktemp\n";
     }
  } else {
!    my $uid = $<;
!    my $gid = $(;

     # Create the temporary directory...
     $TempDir = $Config{'tmpdir'} . "logwatch." . $$;

Mark