List Archive: gentoo-security
On Wednesday 09 November 2005 05:42 am, Darren Davison wrote:
> On Wed, 2005-11-09 at 11:35 +0100, Harald Dumdey wrote:
> > Is there a 'solution' for that? Or do i have to write a shellscript...
>
> presumably a script dropped into /etc/cron.daily would do it. Along the
> lines of (nb: totally untested) ..?
>
> #!/bin/sh
>
> # mail address to send compressed logs to
> TO=your@...
>
> # the hex ID of your GPG key
> KEY=0xaabbcc99
>
> # which logs? *.0 will pick the most recently rotated set. You
> # can probably do better
> LOGS="/var/log/*.0"
>
> HOST=`cat /etc/conf.d/hostname`
> TODAY=`(date +"%y%m%d")`
> OUTFILE=/tmp/${HOST}_${TODAY}_logs.tbz2
>
> # tar/compress
> tar cjf $OUTFILE $LOGS
>
> # encrypt
> gpg -r $KEY --encrypt-files $OUTFILE

You should probably ASCII Armor the file. More mail clients will understand
it as an OpenPGP attachment that way:

gpg -r $KEY --armor --encrypt-files $OUTFILE

> # send. Not sure how you do this without mutt..
> echo "Logs.." | mutt -s "$HOST logs for $TODAY" -a $OUTFILE.gpg $TO

echo "Logs.." | mutt -s "$HOST logs for $TODAY" -a $OUTFILE.asc $TO

> # clean up
> rm -f $OUTFILE $OUTFILE.gpg

rm -f $OUTFILE $OUTFILE.asc

Also, you should seriously consider making your compressed file in a RAM disk
instead of in /tmp, to avoid any issues with disk scanning. (I know these are
system logs that are already on the system disk in plain-text, but it never
hurts to think about what might get left behind somewhere).

If you happen to be a PHP programmer, the GPG Plugin for Squirrelmail
(installed with the squirrelmail ebuild) includes all the GPG functions, and
also includes functions for securely deleting temporary files.

Make sure you store the private key for this gpg keypair off the server in
question, so that you can decrypt the logs later.

Regards,
- Brian
--
gentoo-security@g.o mailing list
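
An added example, not part of the original thread or either poster's script: one way to stage the archive in a RAM-backed directory as suggested above, with a private temporary directory and cleanup on every exit path. The function names, the LOGMAIL_KEY and LOGMAIL_TO variables, and the use of /dev/shm as the RAM disk are assumptions of this example.

```shell
#!/bin/sh
# Added example: stage the plaintext archive in a private RAM-backed
# directory so it never lands on the system disk, and always clean it up.
umask 077    # anything created below is readable by the owner only

# Print a fresh 0700 staging directory; prefer tmpfs over on-disk /tmp.
# Assumption: /dev/shm is a tmpfs mount (tmpfs pages can still reach swap).
stage_dir() {
    base=/tmp
    if [ -d /dev/shm ] && [ -w /dev/shm ]; then base=/dev/shm; fi
    mktemp -d "$base/logmail.XXXXXX"
}

# bundle_logs STAGE FILE... : tar the given logs into STAGE, print the path.
# gzip is used here; the script in the thread used bzip2 (tar cjf).
bundle_logs() {
    stage=$1; shift
    out="$stage/$(uname -n)_$(date +%y%m%d)_logs.tar.gz"
    tar czf "$out" "$@" || return 1
    printf '%s\n' "$out"
}

# encrypt_for KEY FILE : write FILE.asc, ASCII-armored, for recipient KEY.
# The public key must already be imported and trusted in the keyring of
# the user cron runs as, or gpg refuses in --batch mode.
encrypt_for() {
    gpg --batch --yes --armor -r "$1" --output "$2.asc" --encrypt "$2"
}

# mail_logs KEY TO FILE... : the whole job; the EXIT trap removes the
# staging directory on every exit path, including failures and signals.
mail_logs() {
    key=$1; to=$2; shift 2
    STAGE=$(stage_dir) || return 1
    trap 'rm -rf "$STAGE"' EXIT
    trap 'exit 1' INT TERM
    archive=$(bundle_logs "$STAGE" "$@") || return 1
    encrypt_for "$key" "$archive" || return 1
    rm -f "$archive"    # drop the plaintext before handing off to mail
    echo "Logs.." | mutt -s "$(uname -n) logs" -a "$archive.asc" -- "$to"
}

# Runs only when configured, e.g. from /etc/cron.daily with
# LOGMAIL_KEY and LOGMAIL_TO set (hypothetical variable names).
if [ -n "${LOGMAIL_KEY:-}" ] && [ -n "${LOGMAIL_TO:-}" ]; then
    mail_logs "$LOGMAIL_KEY" "$LOGMAIL_TO" /var/log/*.0
fi
```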