fix(debian-logcheck): set syslog-summary basic replacement for Debian…

…11+/Ubuntu22.04+ with extra replace patterns, ensure custom TMP exists and correct owner
juju4 · Jul 14, 2024 · ceed222 · ceed222
1 parent c281c91
commit ceed222
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 2 deletions.
diff --git a/tasks/debian-logcheck.yml b/tasks/debian-logcheck.yml
@@ -1,4 +1,8 @@
 ---
+# syslog-summary package has been removed after Debian10/Ubuntu20.04
+# and no direct replacement => basic one
+# https://tracker.debian.org/pkg/syslog-summary
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=198762
 
 - name: Logcheck additional configuration - ntpd ignore
   ansible.builtin.copy:
@@ -48,10 +52,16 @@
     - { regexp: '^#SYSLOGSUMMARY=0', replace: 'SYSLOGSUMMARY=1' }
     - { regexp: '^(#?)TMP=".*"', replace: 'TMP=/tmp/logcheck-temp-files' }
 
-- name: Ensure TMP dir exists
+- name: Ensure TMP dir exists now
+  ansible.builtin.file:
+    path: /tmp/logcheck-temp-files
+    owner: logcheck
+    mode: '0700'
+
+- name: Ensure TMP dir exists at reboot
   ansible.builtin.lineinfile:
     dest: /etc/cron.d/logcheck
-    line: '@reboot         logcheck    [ ! -d /tmp/logcheck-temp-files ] && install -d -m 700 /tmp/logcheck-temp-files'
+    line: '@reboot         logcheck    [ ! -d /tmp/logcheck-temp-files ] && install -d -o logcheck -m 700 /tmp/logcheck-temp-files'
     insertafter: '^@reboot         logcheck    if [ -x /usr/sbin/logcheck ]; then nice -n10 /usr/sbin/logcheck -R; fi'
     mode: '0644'
 
@@ -123,3 +133,12 @@
     mode: '0644'
     create: yes
   when: ansible_service_mgr == 'systemd'
+
+- name: Add basic replacement for syslog-summary if no package
+  ansible.builtin.template:
+    src: syslog-summary.j2
+    dest: /usr/bin/syslog-summary
+    mode: '0755'
+  when: >
+    (ansible_distribution == 'Debian' and ansible_distribution_major_version|int > 10) or
+    (ansible_distribution == 'Ubuntu' and ansible_distribution_major_version|int > 20)
diff --git a/templates/syslog-summary.j2 b/templates/syslog-summary.j2
@@ -0,0 +1,18 @@
+#!/bin/sh
+{{ ansible_managed }}
+# /usr/bin/syslog-summary
+# Basic replacement for dead package...
+# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=198762
+
+for f in $*; do
+  if [ -r "$f" ]; then
+    list_files="$list_files $f";
+  else
+    no_files="$no_files $f"
+  fi
+done
+cat ${list_files} | sort | uniq -c | sort -nr | tee /tmp/syslog-summary.bak
+
+if [ "X${no_files}" != "X " ]; then
+>&2 echo "Warning: following syslog-summary arguments are not files or not readable: $no_files"
+fi