[Logwatch] logwatch is DOA - strace -f output included from test.pl

Bjorn L. bl_logwatch2 at mblmail.net
Thu Oct 2 14:07:06 MST 2008


And if you don't find anything suspicious, try the following:

cd /usr/share/logwatch/default.conf
mv services services.old
cp -r services.old services

and then run the test.pl script again to see if it still hangs in the
same place.



Bjorn L. wrote:
> So it is hanging on the
>     while (defined($ThisFile = readdir(SERVICESDIR)))
> statement.  I can't think of a reason.  Any additional files in that
> directory?  Anything with unusual permissions?  As Mike mentioned, any
> SELinux error messages?
> 
> 
> Dale Morin wrote:
>> Bjorn,
>>
>> Thank you.
>>
>> I uploaded your script and added a print statement in the if block
>> saying "Inserted into array".  When I run it I get:
>>
>> 0> ./test2.pl
>> ThisFile is now evtapplication.conf
>> Inserted into array
>> End of if
>> ThisFile is now sendmail-largeboxes.conf
>> Inserted into array
>> End of if
>> ThisFile is now windows.conf
>> Inserted into array
>> End of if
>> ThisFile is now pop3.conf
>> Inserted into array
>> End of if
>> ThisFile is now .
>> End of if
>> ThisFile is now up2date.conf
>> Inserted into array
>> End of if
>> ThisFile is now zz-fortune.conf
>> Inserted into array
>> End of if
>> ThisFile is now shaperd.conf
>> Inserted into array
>> End of if
>> ThisFile is now sshd2.conf
>> Inserted into array
>> End of if
>> ThisFile is now sudo.conf
>> Inserted into array
>> End of if
>> ThisFile is now cron.conf
>> Inserted into array
>> End of if
>> ThisFile is now clamav-milter.conf
>> Inserted into array
>> End of if
>> ThisFile is now ipop3d.conf
>> Inserted into array
>> End of if
>> ThisFile is now zz-runtime.conf
>> Inserted into array
>> End of if
>> ThisFile is now identd.conf
>> Inserted into array
>> End of if
>> ThisFile is now pureftpd.conf
>> Inserted into array
>> End of if
>> ThisFile is now http.conf
>> Inserted into array
>> End of if
>> ThisFile is now iptables.conf
>> Inserted into array
>> End of if
>> ThisFile is now automount.conf
>> Inserted into array
>> End of if
>> ThisFile is now xntpd.conf
>> Inserted into array
>> End of if
>> ThisFile is now modprobe.conf
>> Inserted into array
>> End of if
>> ThisFile is now stunnel.conf
>> Inserted into array
>> End of if
>> ThisFile is now ..
>> End of if
>> ThisFile is now evtsystem.conf
>> Inserted into array
>> End of if
>> ThisFile is now named.conf
>> Inserted into array
>> End of if
>> ThisFile is now qmail-send.conf
>> Inserted into array
>> End of if
>> ThisFile is now eximstats.conf
>> Inserted into array
>> End of if
>> ThisFile is now vpopmail.conf
>> Inserted into array
>> End of if
>> ThisFile is now afpd.conf
>> Inserted into array
>> End of if
>> ThisFile is now pluto.conf
>> Inserted into array
>> End of if
>> ThisFile is now portsentry.conf
>> Inserted into array
>> End of if
>> ThisFile is now mailscanner.conf
>> Inserted into array
>> End of if
>> ThisFile is now dnssec.conf
>> Inserted into array
>> End of if
>> ThisFile is now resolver.conf
>> Inserted into array
>> End of if
>> ThisFile is now fail2ban.conf
>> Inserted into array
>> End of if
>> ThisFile is now php.conf
>> Inserted into array
>> End of if
>> ThisFile is now scsi.conf
>> Inserted into array
>> End of if
>> ThisFile is now smartd.conf
>> Inserted into array
>> End of if
>> ThisFile is now pix.conf
>> Inserted into array
>> End of if
>> ThisFile is now dpkg.conf
>> Inserted into array
>> End of if
>> ThisFile is now cisco.conf
>> Inserted into array
>> End of if
>> ThisFile is now clamav.conf
>> Inserted into array
>> End of if
>> ThisFile is now pound.conf
>> Inserted into array
>> End of if
>> ThisFile is now pam.conf
>> Inserted into array
>> End of if
>> ThisFile is now extreme-networks.conf
>> Inserted into array
>> End of if
>> ThisFile is now clam-update.conf
>> Inserted into array
>> End of if
>> ThisFile is now evtsecurity.conf
>> Inserted into array
>> End of if
>> ThisFile is now oidentd.conf
>> Inserted into array
>> End of if
>> ThisFile is now qmail-pop3d.conf
>> Inserted into array
>> End of if
>> ThisFile is now secure.conf
>> Inserted into array
>> End of if
>> ThisFile is now yum.conf
>> Inserted into array
>> End of if
>> ThisFile is now dovecot.conf
>> Inserted into array
>> End of if
>> ThisFile is now openvpn.conf
>> Inserted into array
>> End of if
>> ThisFile is now audit.conf
>> Inserted into array
>> End of if
>> ThisFile is now autorpm.conf
>> Inserted into array
>> End of if
>> ThisFile is now netopia.conf
>> Inserted into array
>> End of if
>> ThisFile is now qmail.conf
>> Inserted into array
>> End of if
>> ThisFile is now dhcpd.conf
>> Inserted into array
>> End of if
>> ThisFile is now exim.conf
>> Inserted into array
>> End of if
>> ThisFile is now imapd.conf
>> Inserted into array
>> End of if
>> ThisFile is now ftpd-xferlog.conf
>> Inserted into array
>> End of if
>> ThisFile is now bfd.conf
>> Inserted into array
>> End of if
>> ThisFile is now in.qpopper.conf
>> Inserted into array
>> End of if
>> ThisFile is now raid.conf
>> Inserted into array
>> End of if
>> ThisFile is now courier.conf
>> Inserted into array
>> End of if
>> ThisFile is now sendmail.conf
>> Inserted into array
>> End of if
>> ThisFile is now tac_acc.conf
>> Inserted into array
>> End of if
>> ThisFile is now ftpd-messages.conf
>> Inserted into array
>> End of if
>> ThisFile is now proftpd-messages.conf
>> Inserted into array
>> End of if
>> ThisFile is now init.conf
>> Inserted into array
>> End of if
>> ThisFile is now samba.conf
>> Inserted into array
>> End of if
>> ThisFile is now zz-sys.conf
>> Inserted into array
>> End of if
>> ThisFile is now mountd.conf
>> Inserted into array
>> End of if
>> ThisFile is now vsftpd.conf
>> Inserted into array
>> End of if
>> ThisFile is now qmail-smtpd.conf
>> Inserted into array
>> End of if
>> ThisFile is now netscreen.conf
>> Inserted into array
>> End of if
>> ThisFile is now saslauthd.conf
>> Inserted into array
>> End of if
>> ThisFile is now arpwatch.conf
>> Inserted into array
>> End of if
>> ThisFile is now pam_pwdb.conf
>> Inserted into array
>> End of if
>> ThisFile is now zz-network.conf
>> Inserted into array
>> End of if
>> ThisFile is now denyhosts.conf
>> Inserted into array
>> End of if
>> ThisFile is now kernel.conf
>> Inserted into array
>> End of if
>> ThisFile is now zz-disk_space.conf
>> Inserted into array
>> End of if
>> ThisFile is now qmail-pop3ds.conf
>> Inserted into array
>> End of if
>> ThisFile is now pam_unix.conf
>> Inserted into array
>> End of if
>> ThisFile is now postfix.conf
>> Inserted into array
>> End of if
>> ThisFile is now sonicwall.conf
>> Inserted into array
>> End of if
>> ThisFile is now emerge.conf
>> Inserted into array
>> End of if
>> ThisFile is now sshd.conf
>> Inserted into array
>> End of if
>> ThisFile is now rt314.conf
>> Inserted into array
>> End of if
>> ThisFile is now slon.conf
>> Inserted into array
>> End of if
>> ThisFile is now amavis.conf
>> Inserted into array
>> End of if
>> ThisFile is now syslogd.conf
>> Inserted into array
>> End of if
>>
>> There is no indication of any attempt to close the open directory.
>>
>> Here's the script I ran:
>>
>> #!/usr/bin/perl -w
>> my @services = ();
>> $BaseDir = "/usr/share/logwatch";
>> foreach my $ServicesDir ("$BaseDir/default.conf", "$BaseDir/dist.conf",
>> "/etc/logwatch/conf") {
>>    if (-d "$ServicesDir/services") {
>>       opendir(SERVICESDIR, "$ServicesDir/services") or
>>          die "$ServicesDir $!";
>>       while (defined($ThisFile = readdir(SERVICESDIR))) {
>>          print "ThisFile is now $ThisFile\n";
>>          if ((-f "$ServicesDir/services/$ThisFile") && (!grep
>> (/^$ThisFile$/, @services)) && ($ThisFile =~ /\.conf$/)) {
>>             push @services, $ThisFile;
>>             print "Inserted into array\n";
>>          }
>>          print "End of if\n";
>>       }
>>       print "Attempting to close directory $ServicesDir\n";
>>       closedir SERVICESDIR;
>>       print "Dir close done\n";
>>    }
>> }
>>
>> Thanks again for your assistance.
>>
>>
> _______________________________________________
> Logwatch mailing list
> Logwatch at logwatch.org
> http://www2.list.logwatch.org:81/mailman/listinfo/logwatch


More information about the Logwatch mailing list