wizard: auto-detect ssh.service correctly on deb distros when auth.log is missing (fix #2175) (#2176)

This commit is contained in:
mmetc 2023-04-19 11:09:39 +02:00 committed by GitHub
parent 3041023ed8
commit 0d1adfc7db
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 6 deletions

2
debian/control vendored
View file

@ -1,6 +1,6 @@
Source: crowdsec Source: crowdsec
Maintainer: Crowdsec Team <debian@crowdsec.net> Maintainer: Crowdsec Team <debian@crowdsec.net>
Build-Depends: debhelper, jq, bash, git Build-Depends: debhelper, bash, git
Package: crowdsec Package: crowdsec
Architecture: any Architecture: any

View file

@ -60,14 +60,21 @@ ACTION=""
DEBUG_MODE="false" DEBUG_MODE="false"
FORCE_MODE="false" FORCE_MODE="false"
SUPPORTED_SERVICES='apache2 # the ssh service has different names on deb vs rpm-based distros
if [[ -f "/etc/debian_version" ]]; then
SSH_NAME="ssh"
else
SSH_NAME="sshd"
fi
SUPPORTED_SERVICES="apache2
httpd httpd
nginx nginx
sshd $SSH_NAME
mysql mysql
telnet telnet
smb smb
' "
HTTP_PLUGIN_BINARY="./plugins/notifications/http/notification-http" HTTP_PLUGIN_BINARY="./plugins/notifications/http/notification-http"
@ -162,7 +169,7 @@ detect_services () {
declare -A log_input_tags declare -A log_input_tags
log_input_tags[apache2]='type: apache2' log_input_tags[apache2]='type: apache2'
log_input_tags[nginx]='type: nginx' log_input_tags[nginx]='type: nginx'
log_input_tags[sshd]='type: syslog' log_input_tags[$SSH_NAME]='type: syslog'
log_input_tags[rsyslog]='type: syslog' log_input_tags[rsyslog]='type: syslog'
log_input_tags[telnet]='type: telnet' log_input_tags[telnet]='type: telnet'
log_input_tags[mysql]='type: mysql' log_input_tags[mysql]='type: mysql'
@ -172,7 +179,7 @@ log_input_tags[linux]="type: syslog"
declare -A log_locations declare -A log_locations
log_locations[apache2]='/var/log/apache2/*.log,/var/log/*httpd*.log,/var/log/httpd/*log' log_locations[apache2]='/var/log/apache2/*.log,/var/log/*httpd*.log,/var/log/httpd/*log'
log_locations[nginx]='/var/log/nginx/*.log,/usr/local/openresty/nginx/logs/*.log' log_locations[nginx]='/var/log/nginx/*.log,/usr/local/openresty/nginx/logs/*.log'
log_locations[sshd]='/var/log/auth.log,/var/log/sshd.log,/var/log/secure' log_locations[$SSH_NAME]='/var/log/auth.log,/var/log/sshd.log,/var/log/secure'
log_locations[rsyslog]='/var/log/syslog' log_locations[rsyslog]='/var/log/syslog'
log_locations[telnet]='/var/log/telnetd*.log' log_locations[telnet]='/var/log/telnetd*.log'
log_locations[mysql]='/var/log/mysql/error.log' log_locations[mysql]='/var/log/mysql/error.log'