Changes - j0ke.net Open Build Service

Changes of Revision 30

[-] [+]	Added	ix-rkhunter.changes
@@ -0,0 +1,10 @@ +------------------------------------------------------------------- +Thu Sep 8 17:27:53 UTC 2011 - cs@linux-administrator.com + +- changed e-mail address to rkhunter@internetx.de + +------------------------------------------------------------------- +Tue Jan 18 08:08:05 UTC 2011 - cs@linux-administrator.com + +- added amandaclient to xinetd whitelist +
[-] [+]	Deleted	rkhunter.changes ^
@@ -1,10 +0,0 @@ -------------------------------------------------------------------- -Thu Sep 8 17:27:53 UTC 2011 - cs@linux-administrator.com - -- changed e-mail address to rkhunter@internetx.de - -------------------------------------------------------------------- -Tue Jan 18 08:08:05 UTC 2011 - cs@linux-administrator.com - -- added amandaclient to xinetd whitelist -
[-] [+]	Added	ix-rkhunter.spec ^
@@ -0,0 +1,190 @@ +# norootforbuild +# usedforbuild aaa_base acl attr audit-libs autoconf automake bash bind-libs bind-utils binutils bison bzip2 coreutils cpio cpp cpp41 cracklib cvs cyrus-sasl db diffutils e2fsprogs file filesystem fillup findutils flex gawk gcc gcc41 gdbm gdbm-devel gettext gettext-devel glibc glibc-devel glibc-locale gpm grep groff gzip info insserv klogd less libacl libattr libcom_err libgcc41 libltdl libmudflap41 libnscd libstdc++41 libtool libvolume_id libxcrypt libzio linux-kernel-headers m4 make man mktemp module-init-tools ncurses ncurses-devel net-tools netcfg openldap2-client openssl pam pam-modules patch perl permissions popt procinfo procps psmisc pwdutils rcs readline rpm sed strace sysvinit tar tcpd texinfo timezone unzip util-linux vim zlib zlib-devel + +%define realname rkhunter +Name: ix-rkhunter +URL: http://www.rootkit.nl/ +License: GNU General Public License (GPL) +Group: System/Monitoring +Autoreqprov: on +Summary: Rootkit Scans for Rootkits, Backdoors, and Local Exploits +Version: 1.3.8 +Release: 2 +Source0: http://downloads.rootkit.nl/%{realname}-%{version}.tar.bz2 +#Patch0: %{realname}-10.0_os.dat.patch +Patch1: %{realname}-config-%{version}.patch +Patch2: %{realname}-%{version}-installer.patch +Requires: coreutils wget +BuildRoot: %{_tmppath}/%{name}-%{version}-build + +%description +Rootkit scanner is scanning tool that can give you 99.9% certainty that +your system is clean of nasty tools. This tool scans for rootkits, +backdoors, and local exploits by running tests like: + +- Comparing MD5 hashes + +- Looking for default files used by rootkits + +- Checking for wrong file permissions for binaries + +- Looking for suspected strings in LKM and KLD modules + +- Looking for hidden files + +- Optionally scanning within plain text and binary files + +- Checking software versions + +- Testing applications + + + +Authors: +-------- + Michael Boelen <michael@rootkit.nl> + +%debug_package +%prep +%setup -q -n %{realname}-%{version} +##%patch0 -p1 +%patch1 -p1 +%patch2 +%build + +%install +./installer.sh --layout RPM --install +%if 0%{?suse_version} +mkdir -p ${RPM_BUILD_ROOT}/%{_docdir} +mv ${RPM_BUILD_ROOT}/usr/share/doc/%{realname}-%{version} ${RPM_BUILD_ROOT}%{_docdir} +%endif +cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf +%{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf +# Only root should use rkhunter (at least for now) +#%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}/usr/share/rkhunter +%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db +# make a cron.daily file to mail us the reports +%{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily" +%{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/ix-rkhunter" <<EOF +#!/bin/sh +%{_bindir}/rkhunter --quiet --update +%{_bindir}/rkhunter --quiet --cronjob --nomow +EOF +%{__chmod} a+rwx,g-w,o-w ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/ix-rkhunter + +%post +%{_bindir}/rkhunter --quiet --propupd + +%clean +[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] \ + && rm -rf $RPM_BUILD_ROOT + +%files +%defattr(-,root,root,-) +%{_bindir}/rkhunter +%doc %{_docdir}/rkhunter-%{version} +%{_mandir}/man8/* +%dir %{_libdir}/rkhunter +%{_libdir}/rkhunter/scripts +%dir %{_var}/lib/rkhunter +%dir %{_var}/lib/rkhunter/tmp +%{_var}/lib/rkhunter/db +%config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf +%attr(755,root,root) %{_sysconfdir}/cron.daily/ix-rkhunter + +%changelog -n rkhunter +* Thu Sep 08 2011 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-2 +- changed e-mail address to rkhunter@internetx.de + +* Sun Dec 26 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-1 +- new upstream release 1.3.8 +- reworked all patches for new version + +* Mon Dec 20 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-4 +- updated script whitelist with files for ksplice + +* Wed May 05 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-3 +- updated rkhunter configuration + +* Thu Apr 22 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-2 +- updated rkhunter configuration + +* Sun Nov 29 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-1 +- new upstream release 1.3.6 + - New IGNORE_PRELINK_DEP_ERR configuration option in case of persistent prelink dependency errors. + - New USER_FILEPROP_FILES_DIRS configuration option to add files and directories to the file properties check. + - New COPY_LOG_ON_ERROR configuration option to copy the log file if any errors or warnings have occurred. + - New WEBCMD configuration option to specify the command used to download data file updates from the Internet. + - Rkhunter will look for configuration options in the main configuration file, and then in the local configuration file if it exists. + - New SHARED_LIB_WHITELIST configuration option for whitelisting preloaded shared libraries. + - New WARN_ON_OS_CHANGE configuration option. If unset then no warnings will be shown. + - New UPDT_ON_OS_CHANGE configuration option. If set and the O/S has changed then rkhunter will automatically update properties ('rkhunter –propupd'). + - Added support for hash functions SHA224, SHA256, SHA384 and SHA512 using CPAN perl modules Digest-SHA-PurePerl or SHA256. + - New UPDATE_LANG configuration option. + - New ALLOWPROMISCIF configuration option. + - New PKGMGR_NO_VRFY configuration option for fine-grained package manager verification process control. + - Rootkit checks added: Adore Rootkit (aka strings.o aka Dextenea) cb, CX, Fu, iLLogiC, ld-linuxv.so.1, 'Spanish', trNkit, Xzibit, ZK. + - Updated rootkit / malware checks: Ambient (ark), beX2, BOBkit, Dica-kit, Dreams, Enye LKM, evil strings test, Fleakit, FreeBSD, Phalanx2, SHV4, Universal (URK). + +* Thu Jan 01 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.4-1 +- new upstream release 1.3.4 + - Added IntoXonia-NG rootkit check. + - Added Phalanx2 rootkit check. + - Added support for TCB shadow files. + - The '--propupd' option can now take an optional file, directory or package name after it. + - Revised file properties inode check. + - Improved the O/S name detection. + - Improved hidden files and directories check. + - Improved debug file option. + +* Fri May 30 2008 Carsten Schoene <cs@linux-administrator.com> +- new upstream release 1.3.2 + - Socklog and rsyslog daemons support. + - IRIX/IRIX64 support. + - Application version check errors mostly ignored. + - Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1. + - Application check whitelisting. + - 'pflog' checked for all BSD now. + - Correct scanning of /dev in LAZY mode. + - Whitelisted passwordless account names logged. + - Corrected obtaining process names in Solaris. + - Unset MANPATH for .spec (OpenSuSE). + - Correct hidden files/directories test behaviour. + - Cater for those using fdesc/fdescfs. + + Tue Jan 15 2008 Carsten Schoene <cs@linux-administrator.com> +- reworked all patches +- changed installation to installers RPM mode +- internetx specific configuration changes + +* Wed Nov 22 2006 - meissner@suse.de +- use correct string for i586. #223221 +* Thu Nov 16 2006 - meissner@suse.de +- Detect openSUSE as product correctly. #216053 +- renamed cron script to have "suse.de-" prefix. +* Tue Nov 07 2006 - meissner@suse.de +- Include the current database from upstream. #216053 +- daily cron script to mode 755 +* Wed Jul 19 2006 - meissner@suse.de +- New version 1.2.8 + - some hashes and version updated + - small fixes +- Added SUSE Linux 10 hashes +* Thu Mar 23 2006 - meissner@suse.de +- detect 10.1. #148471 +* Wed Jan 25 2006 - mls@suse.de +- converted neededforbuild to BuildRequires +* Thu Dec 01 2005 - meissner@suse.de +- Order ALLOW* directives in the right section. +- Do not \|mail in a cronjob, just let cron do it for itself. +- Quiet down output so it usually should not mail. +- Enable MAIL_ON_WARNING, send mail to root. #132683 +* Wed Sep 07 2005 - meissner@suse.de +- ignore /etc/.pwd.lock, /etc/.java too. #115128 +* Thu Aug 18 2005 - meissner@suse.de +- recognize 10.0, ignore /dev/.udevdb/. +* Fri Aug 12 2005 - meissner@suse.de +- Use /usr/share/rkhunter instead of /usr/%%_lib/rkhunter. +- Fixed some other problems. +* Mon Jul 11 2005 - meissner@suse.de +- Initial import of rkhunter 1.2.7.
[-] [+]	Deleted	rkhunter.spec ^
@@ -1,190 +0,0 @@ -# norootforbuild -# usedforbuild aaa_base acl attr audit-libs autoconf automake bash bind-libs bind-utils binutils bison bzip2 coreutils cpio cpp cpp41 cracklib cvs cyrus-sasl db diffutils e2fsprogs file filesystem fillup findutils flex gawk gcc gcc41 gdbm gdbm-devel gettext gettext-devel glibc glibc-devel glibc-locale gpm grep groff gzip info insserv klogd less libacl libattr libcom_err libgcc41 libltdl libmudflap41 libnscd libstdc++41 libtool libvolume_id libxcrypt libzio linux-kernel-headers m4 make man mktemp module-init-tools ncurses ncurses-devel net-tools netcfg openldap2-client openssl pam pam-modules patch perl permissions popt procinfo procps psmisc pwdutils rcs readline rpm sed strace sysvinit tar tcpd texinfo timezone unzip util-linux vim zlib zlib-devel - -%define realname rkhunter -Name: ix-rkhunter -URL: http://www.rootkit.nl/ -License: GNU General Public License (GPL) -Group: System/Monitoring -Autoreqprov: on -Summary: Rootkit Scans for Rootkits, Backdoors, and Local Exploits -Version: 1.3.8 -Release: 2 -Source0: http://downloads.rootkit.nl/%{realname}-%{version}.tar.bz2 -#Patch0: %{realname}-10.0_os.dat.patch -Patch1: %{realname}-config-%{version}.patch -Patch2: %{realname}-%{version}-installer.patch -Requires: coreutils wget -BuildRoot: %{_tmppath}/%{name}-%{version}-build - -%description -Rootkit scanner is scanning tool that can give you 99.9% certainty that -your system is clean of nasty tools. This tool scans for rootkits, -backdoors, and local exploits by running tests like: - -- Comparing MD5 hashes - -- Looking for default files used by rootkits - -- Checking for wrong file permissions for binaries - -- Looking for suspected strings in LKM and KLD modules - -- Looking for hidden files - -- Optionally scanning within plain text and binary files - -- Checking software versions - -- Testing applications - - - -Authors: --------- - Michael Boelen <michael@rootkit.nl> - -%debug_package -%prep -%setup -q -n %{realname}-%{version} -##%patch0 -p1 -%patch1 -p1 -%patch2 -%build - -%install -./installer.sh --layout RPM --install -%if 0%{?suse_version} -mkdir -p ${RPM_BUILD_ROOT}/%{_docdir} -mv ${RPM_BUILD_ROOT}/usr/share/doc/%{realname}-%{version} ${RPM_BUILD_ROOT}%{_docdir} -%endif -cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf -%{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf -# Only root should use rkhunter (at least for now) -#%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}/usr/share/rkhunter -%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db -# make a cron.daily file to mail us the reports -%{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily" -%{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/ix-rkhunter" <<EOF -#!/bin/sh -%{_bindir}/rkhunter --quiet --update -%{_bindir}/rkhunter --quiet --cronjob --nomow -EOF -%{__chmod} a+rwx,g-w,o-w ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/ix-rkhunter - -%post -%{_bindir}/rkhunter --quiet --propupd - -%clean -[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] \ - && rm -rf $RPM_BUILD_ROOT - -%files -%defattr(-,root,root,-) -%{_bindir}/rkhunter -%doc %{_docdir}/rkhunter-%{version} -%{_mandir}/man8/* -%dir %{_libdir}/rkhunter -%{_libdir}/rkhunter/scripts -%dir %{_var}/lib/rkhunter -%dir %{_var}/lib/rkhunter/tmp -%{_var}/lib/rkhunter/db -%config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf -%attr(755,root,root) %{_sysconfdir}/cron.daily/ix-rkhunter - -%changelog -n rkhunter -* Thu Sep 08 2011 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-2 -- changed e-mail address to rkhunter@internetx.de - -* Sun Dec 26 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-1 -- new upstream release 1.3.8 -- reworked all patches for new version - -* Mon Dec 20 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-4 -- updated script whitelist with files for ksplice - -* Wed May 05 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-3 -- updated rkhunter configuration - -* Thu Apr 22 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-2 -- updated rkhunter configuration - -* Sun Nov 29 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-1 -- new upstream release 1.3.6 - - New IGNORE_PRELINK_DEP_ERR configuration option in case of persistent prelink dependency errors. - - New USER_FILEPROP_FILES_DIRS configuration option to add files and directories to the file properties check. - - New COPY_LOG_ON_ERROR configuration option to copy the log file if any errors or warnings have occurred. - - New WEBCMD configuration option to specify the command used to download data file updates from the Internet. - - Rkhunter will look for configuration options in the main configuration file, and then in the local configuration file if it exists. - - New SHARED_LIB_WHITELIST configuration option for whitelisting preloaded shared libraries. - - New WARN_ON_OS_CHANGE configuration option. If unset then no warnings will be shown. - - New UPDT_ON_OS_CHANGE configuration option. If set and the O/S has changed then rkhunter will automatically update properties ('rkhunter –propupd'). - - Added support for hash functions SHA224, SHA256, SHA384 and SHA512 using CPAN perl modules Digest-SHA-PurePerl or SHA256. - - New UPDATE_LANG configuration option. - - New ALLOWPROMISCIF configuration option. - - New PKGMGR_NO_VRFY configuration option for fine-grained package manager verification process control. - - Rootkit checks added: Adore Rootkit (aka strings.o aka Dextenea) cb, CX, Fu, iLLogiC, ld-linuxv.so.1, 'Spanish', trNkit, Xzibit, ZK. - - Updated rootkit / malware checks: Ambient (ark), beX2, BOBkit, Dica-kit, Dreams, Enye LKM, evil strings test, Fleakit, FreeBSD, Phalanx2, SHV4, Universal (URK). - -* Thu Jan 01 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.4-1 -- new upstream release 1.3.4 - - Added IntoXonia-NG rootkit check. - - Added Phalanx2 rootkit check. - - Added support for TCB shadow files. - - The '--propupd' option can now take an optional file, directory or package name after it. - - Revised file properties inode check. - - Improved the O/S name detection. - - Improved hidden files and directories check. - - Improved debug file option. - -* Fri May 30 2008 Carsten Schoene <cs@linux-administrator.com> -- new upstream release 1.3.2 - - Socklog and rsyslog daemons support. - - IRIX/IRIX64 support. - - Application version check errors mostly ignored. - - Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1. - - Application check whitelisting. - - 'pflog' checked for all BSD now. - - Correct scanning of /dev in LAZY mode. - - Whitelisted passwordless account names logged. - - Corrected obtaining process names in Solaris. - - Unset MANPATH for .spec (OpenSuSE). - - Correct hidden files/directories test behaviour. - - Cater for those using fdesc/fdescfs. - - Tue Jan 15 2008 Carsten Schoene <cs@linux-administrator.com> -- reworked all patches -- changed installation to installers RPM mode -- internetx specific configuration changes - -* Wed Nov 22 2006 - meissner@suse.de -- use correct string for i586. #223221 -* Thu Nov 16 2006 - meissner@suse.de -- Detect openSUSE as product correctly. #216053 -- renamed cron script to have "suse.de-" prefix. -* Tue Nov 07 2006 - meissner@suse.de -- Include the current database from upstream. #216053 -- daily cron script to mode 755 -* Wed Jul 19 2006 - meissner@suse.de -- New version 1.2.8 - - some hashes and version updated - - small fixes -- Added SUSE Linux 10 hashes -* Thu Mar 23 2006 - meissner@suse.de -- detect 10.1. #148471 -* Wed Jan 25 2006 - mls@suse.de -- converted neededforbuild to BuildRequires -* Thu Dec 01 2005 - meissner@suse.de -- Order ALLOW* directives in the right section. -- Do not \|mail in a cronjob, just let cron do it for itself. -- Quiet down output so it usually should not mail. -- Enable MAIL_ON_WARNING, send mail to root. #132683 -* Wed Sep 07 2005 - meissner@suse.de -- ignore /etc/.pwd.lock, /etc/.java too. #115128 -* Thu Aug 18 2005 - meissner@suse.de -- recognize 10.0, ignore /dev/.udevdb/. -* Fri Aug 12 2005 - meissner@suse.de -- Use /usr/share/rkhunter instead of /usr/%%_lib/rkhunter. -- Fixed some other problems. -* Mon Jul 11 2005 - meissner@suse.de -- Initial import of rkhunter 1.2.7.