--- /dev/null
+# The following commands need to be executed by logwatch in case there's an MD Raid
+logwatch ALL=(root) NOPASSWD: /sbin/mdadm --misc --detail /dev/md*, /sbin/mdadm --detail --scan
#etc/logwatch/logwatch.cron
etc/logwatch/scripts
etc/logwatch/scripts/services
+#etc/sudoers.d
+etc/sudoers.d/logwatch-mdadm
usr/sbin/logwatch
#usr/share/logwatch
#usr/share/logwatch/HOWTO-Customize-LogWatch
#usr/share/logwatch/default.conf/services/knockd.conf
#usr/share/logwatch/default.conf/services/lvm.conf
#usr/share/logwatch/default.conf/services/mailscanner.conf
-#usr/share/logwatch/default.conf/services/mdadm.conf
+usr/share/logwatch/default.conf/services/mdadm.conf
#usr/share/logwatch/default.conf/services/mod_security2.conf
usr/share/logwatch/default.conf/services/modprobe.conf
#usr/share/logwatch/default.conf/services/mountd.conf
#usr/share/logwatch/scripts/services/knockd
#usr/share/logwatch/scripts/services/lvm
#usr/share/logwatch/scripts/services/mailscanner
-#usr/share/logwatch/scripts/services/mdadm
+usr/share/logwatch/scripts/services/mdadm
#usr/share/logwatch/scripts/services/mod_security2
usr/share/logwatch/scripts/services/modprobe
#usr/share/logwatch/scripts/services/mountd
cd $(DIR_APP)/lib && patch < $(DIR_SRC)/src/patches/logwatch/logwatch-7.3.6-date_manip6.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/logwatch/logwatch-7.5.4-disable_iptables.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/logwatch/logwatch-7.5.5-enable-mdadm-sudo.patch
@cd $(DIR_APP) && chmod 755 install_logwatch.sh
cd $(DIR_APP) && yes "" | ./install_logwatch.sh
chmod -v 755 /var/log/logwatch
-rm -rf /etc/logwatch/conf
ln -vsf /usr/share/logwatch/default.conf /etc/logwatch/conf
-
+
+ -mkdir -p /etc/sudoers.d
+ chmod -v 755 /etc/sudoers.d
+ install -v -m 644 $(DIR_SRC)/config/logwatch/sudoers/logwatch-mdadm \
+ /etc/sudoers.d/logwatch-mdadm
+
@rm -rf $(DIR_APP)
@$(POSTBUILD)
--- /dev/null
+diff -Naur logwatch-7.5.5-orig/conf/services/mdadm.conf logwatch-7.5.5/conf/services/mdadm.conf
+--- logwatch-7.5.5-orig/conf/services/mdadm.conf 2021-01-22 21:59:40.000000000 +0100
++++ logwatch-7.5.5/conf/services/mdadm.conf 2021-10-04 13:52:30.850057355 +0200
+@@ -13,7 +13,7 @@
+ # Logwatch will try to find md devices in /etc/mdadm.conf or
+ # /etc/mdadm/mdadm.conf. If none of these files exist it can scan actively
+ # for md devices. Set to 'Yes' to enable active scanning:
+-$mdadm_enable_scan = No
++$mdadm_enable_scan = Yes
+
+ # Logwatch will emit an error for md devices listed in /etc/mdadm.conf
+ # that are not present. If you do not want this (e.g. raid devices may come
+diff -Naur logwatch-7.5.5-orig/scripts/services/mdadm logwatch-7.5.5/scripts/services/mdadm
+--- logwatch-7.5.5-orig/scripts/services/mdadm 2021-01-22 21:59:40.000000000 +0100
++++ logwatch-7.5.5/scripts/services/mdadm 2021-10-06 11:41:14.800307603 +0200
+@@ -35,7 +35,7 @@
+ } elsif ( -f "/etc/mdadm/mdadm.conf" ) {
+ open(MDADM,"< /etc/mdadm/mdadm.conf");
+ } elsif ($enable_scan) {
+- open(MDADM,"mdadm --detail --scan 2>/dev/null|");
++ open(MDADM,"sudo mdadm --detail --scan 2>/dev/null|");
+ }
+ while (<MDADM>) {
+ if (/^ARRAY/) {
+@@ -51,7 +51,7 @@
+ next;
+ }
+
+- open(MDADM,"mdadm --misc --detail $dev 2>&1 |");
++ open(MDADM,"sudo mdadm --misc --detail $dev 2>&1 |");
+ while (<MDADM>) {
+ if ($_ =~ /cannot open .*: No such file or directory/) {
+ print $_ unless $ignore_missing;
+@@ -74,7 +74,11 @@
+
+ if ($Detail <= 4) {
+ if (lc($mdhash{'state'}) =~ /clean|active/) {
+- print "$dev : $mdhash{'state'}\n" if $Detail;
++ if (lc($mdhash{'state'}) =~ /degraded/) {
++ print "$dev : $mdhash{'state'}\n";
++ } else {
++ print "$dev : $mdhash{'state'}\n" if $Detail;
++ }
+ } else {
+ print "$dev : $mdhash{'state'}\n";
+ if (defined($mdhash{'middle devices'})) {