Hacking
Logwatch is a hugely useful program on two of our three Linux servers, summarizing “interesting” activity in an email to the admin (me) on a daily basis. I want it to be just as useful on the third server, but so far I’ve had a lot of garbage in the reports. I suspected something quirky with the version; the two servers which are working well are using version 4.3.1, which shipped with Red Hat 9, and the one I’m trying to install on a much older system (it’s still running the 2.2 Linux kernel) is 5.1, and it’s choking. I get a lot of error messages and junk in the listings.
I asked about this on the Logwatch support list nearly a month ago, and it’s been on my list of problems to solve for quite a while. Today I finally got an answer from the author; Logwatch is a Perl script, and the old server is running Perl 5.000something, a relatively geriatric Perl now that the Perl junkies are talking about v6. I’ve installed a newer Perl to run alongside the older one in order to run SpamAssassin, so what I need to do now is convince Logwatch to use the new Perl, not the old one.
I can either see if it can be done with an installation flag (that is, install the software from tarball and see if I can set an option flag somewhere saying, use this Perl, not that one) or I can take the existing install and hack it. To switch Perl versions, I need to change one line in each of several dozen component files. This means either learning sed, which may be too much for the task at hand, or hacking a quick Perl script together. My Perl is rusty, but that’s what the Camel Book is for.
Update: Hold the phone; I just got the email announcement that Logwatch 5.2 was just released. If I’m gonna hack, I should hack the new version, right?
Update to the update: Well, my Perl skills really stink. I wound up with a lot of extra (and empty) files and no idea where the failure was. So I wiped it, reinstalled, and made the path corrections manually. It works wonderfully now, but it took some hammering with a wrench. I worry that I’ll clobber all the changes if/when I upgrade to 5.3.
What’s the worry? Well, one of the nice things about this package is that it presents me, at the beginning of the day, with a nice, pretty list of hosts which had packets rejected by our firewall, as well as what ports they attempted to connect to. Something like getting phone numbers for everyone who checked your car-door handle to see if it was locked.
Now playing: Inarticulate Nature Boy from Inarticulate Nature Boy by Josh Clayton-Felt
![[Swinging off a dragger, Cundy's Harbor, Maine, July 4th, 2003]](/images/cundys_harbor.jpg)