From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.50) id 1EZoQa-0006Vm-Qy for garchives@archives.gentoo.org; Wed, 09 Nov 2005 11:47:45 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.5/8.13.5) with SMTP id jA9Bk3L7031431; Wed, 9 Nov 2005 11:46:03 GMT Received: from bacall.davisononline.org (43-015.adsl.zetnet.co.uk [194.247.43.15]) by robin.gentoo.org (8.13.5/8.13.5) with ESMTP id jA9BgWah018776 for ; Wed, 9 Nov 2005 11:42:33 GMT Received: from garbo (garbo [192.168.1.101]) by bacall.davisononline.org (Postfix) with ESMTP id 6AF963CE8 for ; Wed, 9 Nov 2005 11:42:32 +0000 (GMT) Subject: Re: [gentoo-security] Advice about security solution From: Darren Davison To: gentoo-security@lists.gentoo.org In-Reply-To: <2fea035b0511090235i54bfdbaco@mail.gmail.com> References: <20051108222120.GJ14230@elmer.skumleren.net> <43712B15.2040608@speedexpress.net> <20051109081638.GK14230@elmer.skumleren.net> <20051109085542.64be4385@gentoo> <20051109100028.GL14230@elmer.skumleren.net> <2fea035b0511090235i54bfdbaco@mail.gmail.com> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-NONaIEhGRhoMbgaQau6/" Organization: davisononline.org Date: Wed, 09 Nov 2005 11:42:31 +0000 Message-Id: <1131536552.24145.26.camel@garbo> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-security@gentoo.org Reply-to: gentoo-security@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.2.3 X-Archives-Salt: 1c702043-5831-40d4-a7fb-d0aaa0b26e12 X-Archives-Hash: 0eca0ee521248cf6c4d07a5398855106 --=-NONaIEhGRhoMbgaQau6/ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Wed, 2005-11-09 at 11:35 +0100, Harald Dumdey wrote: > Is there a 'solution' for that? Or do i have to write a shellscript... presumably a script dropped into /etc/cron.daily would do it. Along the lines of (nb: totally untested) ..? #!/bin/sh # mail address to send compressed logs to TO=3Dyour@remote.mail.address # the hex ID of your GPG key KEY=3D0xaabbcc99 # which logs? *.0 will pick the most recently rotated set. You # can probably do better LOGS=3D"/var/log/*.0" HOST=3D`cat /etc/conf.d/hostname` TODAY=3D`(date +"%y%m%d")` OUTFILE=3D/tmp/$HOST_$TODAY_logs.tbz2 # tar/compress tar cjf $OUTFILE # encrypt gpg -r $KEY --encrypt-files $OUTFILE # send. Not sure how you do this without mutt.. echo "Logs.." | mutt -s "$HOST logs for $TODAY" -a $OUTFILE.gpg $TO # clean up rm -f $OUTFILE $OUTFILE.gpg --=20 Darren Davison Public Key: 0xDD356B0D --=-NONaIEhGRhoMbgaQau6/ Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQBDceCnKLMLAN01aw0RAod6AJ4nyG3jOUAO/xWvOCXxsyt6IJmzfQCfenw2 4BHgaLq0OvZ6yGNaO8xmEQA= =kI7J -----END PGP SIGNATURE----- --=-NONaIEhGRhoMbgaQau6/-- -- gentoo-security@gentoo.org mailing list