From b3c008973762b81bf91ab5ef3683981f3c9e6fe0 Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard <dr@jones.dk>
Date: Mon, 17 Mar 2003 12:37:25 +0000
Subject: Ignore PAM setrlimit considered security violations.

---
 logcheck/violations.ignore.d/libpam-modules | 1 +
 logcheck/violations.ignore.d/local          | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 logcheck/violations.ignore.d/libpam-modules

(limited to 'logcheck')

diff --git a/logcheck/violations.ignore.d/libpam-modules b/logcheck/violations.ignore.d/libpam-modules
new file mode 100644
index 0000000..cbd3b4b
--- /dev/null
+++ b/logcheck/violations.ignore.d/libpam-modules
@@ -0,0 +1 @@
+pam_limits\[[0-9]+\]: setrlimit limit #[0-9]+ to soft=[-0-9]+, hard=[-0-9]+ failed: Operation not permitted; uid=[0-9]+ euid=[0-9]+$
\ No newline at end of file
diff --git a/logcheck/violations.ignore.d/local b/logcheck/violations.ignore.d/local
index f5c4f3f..b5107a3 100644
--- a/logcheck/violations.ignore.d/local
+++ b/logcheck/violations.ignore.d/local
@@ -14,7 +14,8 @@ named\[[0-9]+\]: zone .*: refresh: failure trying master .*: timed out
 ### violations.ignore.d/dhcp-client
 dhcpd(-2.2.x)?: (send_packet|fallback_discard): Connection refused$
 dhclient(-2.2.x)?: receive_packet failed on eth[0-9]: Network is down$
-### violations.ignore.d/misc
+### violations.ignore.d/libpam-modules
+pam_limits\[[0-9]+\]: setrlimit limit #[0-9]+ to soft=[-0-9]+, hard=[-0-9]+ failed: Operation not permitted; uid=[0-9]+ euid=[0-9]+$### violations.ignore.d/misc
 # This one shows up with firewalls blocking SMB ports non-silently
 kernel: Packet log: input DENY eth[0-9]+ PROTO=17 .*:137 .*:137 L=78 S=0x00 I=[0-9]+ F=0x0000 T=[0-9]+ \(#[0-9]+\)
 ### violations.ignore.d/netatalk.changes
-- 
cgit v1.2.3