From patchwork Wed Aug 28 10:04:45 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Adolf Belka <adolf.belka@ipfire.org>
X-Patchwork-Id: 8062
Return-Path: <development-bounces@lists.ipfire.org>
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK))
	by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Wv0QM3dzQz3wwl
	for <patchwork@web04.haj.ipfire.org>; Wed, 28 Aug 2024 10:04:59 +0000 (UTC)
Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256
	 client-signature ECDSA (secp384r1) client-digest SHA384)
	(Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK))
	by mail01.ipfire.org (Postfix) with ESMTPS id 4Wv0QK0b3yz17q;
	Wed, 28 Aug 2024 10:04:57 +0000 (UTC)
Received: from mail02.haj.ipfire.org (localhost [127.0.0.1])
	by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Wv0QJ5d0Yz33GG;
	Wed, 28 Aug 2024 10:04:56 +0000 (UTC)
Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK))
	by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Wv0QG0w8lz33BH
	for <development@lists.ipfire.org>; Wed, 28 Aug 2024 10:04:54 +0000 (UTC)
Received: from [127.0.0.1] (localhost [127.0.0.1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by mail01.ipfire.org (Postfix) with ESMTPSA id 4Wv0QF1jxTzM5;
	Wed, 28 Aug 2024 10:04:53 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org;
 s=202003rsa;
	t=1724839493;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=DQQB0gsXQkdbnVlb0a08DxcLHXmtOZ9TjhZbrKNl3RY=;
	b=AJsDELJbSnsluKFMAIvFgkwS3paMTW1JzsrzgjQQwCWqmcxaAcvUmalVFwh2ecHZ/mittp
	DRUpuR1r62KhwyW5aX3IbDbCSoreJcHKulNUn07qbrEzvUNJflfsEnpAr57Q3L/N+6ViQh
	vu+/wiu/byppjfE9osNI91Z0/0ybC/h3peBcwHdSpEGXvPbcOD5dV1N6XW/V/lIEWfILzU
	8xn/UymBwSNgn3sfLPjvDnJ4OFBm+9fyXn/BWv/9hICWMcik+AuINez99NkkTBG6S7YhmN
	j60ByIDavNVnt8lSOwYVshnsmoB3wQ/6+EYYvG3Nw9dApn3GLjC9jQxcsLQDUw==
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org;
	s=202003ed25519; t=1724839493;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding;
	bh=DQQB0gsXQkdbnVlb0a08DxcLHXmtOZ9TjhZbrKNl3RY=;
	b=NNUKDpLL3onuSYqcTJcfGejDPNkWjs8bWkulxZzOePOuTBs/URbpKEMOr4MlLlzEY71TGI
	ySvM7m3UirJe/BAw==
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 1/2] log.dat: Fix bug13762 - ssh logins not shown in system
 logs
Date: Wed, 28 Aug 2024 12:04:45 +0200
Message-ID: <20240828100446.6617-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Message-ID-Hash: J4N74UYJSCVIOSRBTMZPC3LRL4EK5RDR
X-Message-ID-Hash: J4N74UYJSCVIOSRBTMZPC3LRL4EK5RDR
X-MailFrom: adolf.belka@ipfire.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; nonmember-moderation; administrivia;
 implicit-dest; max-recipients; max-size; news-moderation; no-subject;
 digests; suspicious-header
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: IPFire development talk <development.lists.ipfire.org>
Archived-At: 
 <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/message/J4N74UYJSCVIOSRBTMZPC3LRL4EK5RDR/>
List-Archive: 
 <https://lists.ipfire.org/hyperkitty/list/development@lists.ipfire.org/>
List-Help: <mailto:development-request@lists.ipfire.org?subject=help>
List-Owner: <mailto:development-owner@lists.ipfire.org>
List-Post: <mailto:development@lists.ipfire.org>
List-Subscribe: <mailto:development-join@lists.ipfire.org>
List-Unsubscribe: <mailto:development-leave@lists.ipfire.org>

- With the update of openssh to version 9.8 in CU187 the daemon was changed from sshd to
   sshd-session. Therefore the log.dat no longer finds any info related to the logins.
- This updates the section regex to look for both sshd and sshd-session.
- Tested out on my vm system and confirmed to work.
- This fix will make available all previous log info for sshd-session in the messages log
   as it continued to be stored, just could not be read by the WUI system log.

Fixes: bug13762
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Tested-by: Bernhard Bitsch <bbitsch@ipfire.org>
Reviewed-by: Bernhard Bitsch <bbitsch@ipfire.org>
---
 html/cgi-bin/logs.cgi/log.dat | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/html/cgi-bin/logs.cgi/log.dat b/html/cgi-bin/logs.cgi/log.dat
index 01c382a0d..41f81e99d 100644
--- a/html/cgi-bin/logs.cgi/log.dat
+++ b/html/cgi-bin/logs.cgi/log.dat
@@ -75,7 +75,7 @@ my %sections = (
         'samba' => '(nmbd|smbd|winbind)\[\d+\]:',
         'suricata' => '(suricata: )',
         'squid' => '(squid\[.*\]: |squid: )',
-        'ssh' => '(sshd(?:\(.*\))?\[.*\]: )',
+        'ssh' => '(sshd(?:\(.*\))?\[.*\]: |sshd-session(?:\(.*\))?\[.*\]:)',
         'unbound' => '(unbound: \[.*?\])(.*:.*$)',
         'urlfilter bl' => '(installpackage\[urlfilter\]: )',
         'wireless' => '(hostapd:|kernel: ath.*:|kernel: wifi[0-9]:)',