|
@@ -0,0 +1,125 @@
+--- rkhunter-1.3.8/files/rkhunter.conf.orig 2010-11-13 21:25:22.000000000 +0100
++++ rkhunter-1.3.8/files/rkhunter.conf 2010-12-26 15:56:12.152258222 +0100
+@@ -76,7 +76,7 @@
+ # NOTE: This option should be present in the configuration file.
+ #
+ #MAIL-ON-WARNING=me@mydomain root@mydomain
+-MAIL-ON-WARNING=""
++MAIL-ON-WARNING=root
+
+ #
+ # Specify the mail command to use if MAIL-ON-WARNING is set.
+@@ -213,7 +213,7 @@
+ # file, then a value here of 'unset' can be used to avoid warning messages.
+ # This option has a default value of 'no'.
+ #
+-ALLOW_SSH_ROOT_USER=no
++ALLOW_SSH_ROOT_USER=yes
+
+ #
+ # Set this option to '1' to allow the use of the SSH-1 protocol, but note
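Review bot: `ALLOW_SSH_ROOT_USER=yes` moves the expected value away from the documented default of 'no', so the packaged configuration treats an sshd that permits root login as the normal state and will presumably stop warning about it. If this was chosen to match the distribution's stock sshd_config, say so in a comment above the line, for example `# Matches the distribution's default PermitRootLogin; set to 'no' after disabling root login in sshd_config.` Without that, an administrator who hardens sshd has no hint that this option must be changed as well.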
+@@ -323,7 +323,7 @@
+ #
+ # Whenever this option is changed 'rkhunter --propupd' must be run.
+ #
+-#PKGMGR=NONE
++PKGMGR=RPM
+
+ #
+ # It is possible that a file which is part of a package may be modified
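Review bot: Enabling `PKGMGR=RPM` brings in the requirement stated in the context line just above it, that `rkhunter --propupd` must be run whenever this option changes, and nothing visible in this patch shows where that happens. If the package's install scriptlet does it, add a comment such as `# The package post-install step runs 'rkhunter --propupd' after setting this.` Otherwise the first scan after installation would presumably run against a property database built under a different setting. With this option the reference values are taken from the RPM database on the scanned host itself, which is worth stating in the same comment.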
+@@ -464,9 +464,12 @@
+ # be specified more than once. The option may use wildcard
+ # characters.
+ #
+-#SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
+-#SCRIPTWHITELIST="/usr/bin/groups"
+-
++SCRIPTWHITELIST=/sbin/ifup
++SCRIPTWHITELIST=/sbin/ifdown
++SCRIPTWHITELIST=/usr/bin/groups
++SCRIPTWHITELIST=/usr/bin/whatis
++SCRIPTWHITELIST=/usr/bin/ldd
++SCRIPTWHITELIST=/usr/bin/GET
+ #
+ # Allow the specified commands to have the immutable attribute set.
+ #
+@@ -489,9 +492,9 @@
+ # The option may be specified more than once. The option
+ # may use wildcard characters.
+ #
+-#ALLOWHIDDENDIR="/etc/.java"
+-#ALLOWHIDDENDIR="/dev/.udev /dev/.udevdb /dev/.udev.tdb"
+-#ALLOWHIDDENDIR="/dev/.static"
++ALLOWHIDDENDIR="/etc/.java"
++ALLOWHIDDENDIR="/dev/.udev /dev/.udevdb /dev/.udev.tdb"
++ALLOWHIDDENDIR="/dev/.static"
+ #ALLOWHIDDENDIR="/dev/.initramfs"
+ #ALLOWHIDDENDIR="/dev/.SRC-unix"
+ #ALLOWHIDDENDIR="/dev/.mdadm"
+@@ -504,13 +507,13 @@
+ # characters.
+ #
+ #ALLOWHIDDENFILE="/etc/.java"
+-#ALLOWHIDDENFILE="/usr/share/man/man1/..1.gz"
+-#ALLOWHIDDENFILE="/etc/.pwd.lock"
++ALLOWHIDDENFILE="/usr/share/man/man1/..1.gz"
++ALLOWHIDDENFILE="/etc/.pwd.lock"
+ #ALLOWHIDDENFILE="/etc/.init.state"
+ #ALLOWHIDDENFILE="/lib/.libcrypto.so.0.9.8e.hmac /lib/.libcrypto.so.6.hmac"
+ #ALLOWHIDDENFILE="/lib/.libssl.so.0.9.8e.hmac /lib/.libssl.so.6.hmac"
+-#ALLOWHIDDENFILE="/usr/bin/.fipscheck.hmac"
+-#ALLOWHIDDENFILE="/usr/bin/.ssh.hmac"
++ALLOWHIDDENFILE="/usr/bin/.fipscheck.hmac"
++ALLOWHIDDENFILE="/usr/bin/.ssh.hmac"
+ #ALLOWHIDDENFILE="/usr/lib/.libfipscheck.so.1.1.0.hmac"
+ #ALLOWHIDDENFILE="/usr/lib/.libfipscheck.so.1.hmac"
+ #ALLOWHIDDENFILE="/usr/lib/.libgcrypt.so.11.hmac"
+@@ -518,7 +521,7 @@
+ #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha256hmac.hmac"
+ #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
+ #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
+-#ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
++ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
+
+ #
+ # Allow the specified processes to use deleted files. The
+@@ -583,6 +586,7 @@
+ #
+ #ALLOWDEVFILE="/dev/shm/pulse-shm-*"
+ #ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
++ALLOWDEVFILE=/dev/shm/sysconfig/*
+
+ #
+ # This setting tells rkhunter where the inetd configuration
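Review bot: `ALLOWDEVFILE=/dev/shm/sysconfig/*` exempts every file under that directory from the suspicious-file check in /dev, and /dev/shm is normally writable by all local users. The wildcard is wider than the commented upstream examples, which match on a filename prefix rather than a whole directory. Prefer listing the specific files the sysconfig tooling creates there, or at least add a comment naming the component that owns the directory, e.g. `# Created by the network scripts at boot; owned by root.` (confirm the actual owner before writing that).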
+@@ -633,7 +637,12 @@
+ # be specified more than once.
+ #
+ #XINETD_ALLOWED_SVC=/etc/xinetd.d/echo
+-
++XINETD_ALLOWED_SVC=/etc/xinetd.d/ftp_psa
++XINETD_ALLOWED_SVC=/etc/xinetd.d/smtp_psa
++XINETD_ALLOWED_SVC=/etc/xinetd.d/smtps_psa
++XINETD_ALLOWED_SVC=/etc/xinetd.d/poppassd_psa
++XINETD_ALLOWED_SVC=/etc/xinetd.d/submission_psa
++XINETD_ALLOWED_SVC=/etc/xinetd.d/nrpe
+ #
+ # This option tells rkhunter the local system startup file pathnames.
+ # The directories will be searched for files. By default rkhunter
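Review bot: The `XINETD_ALLOWED_SVC` entries ending in `_psa` and the `nrpe` entry look specific to one hosting setup rather than to the distribution, yet they are patched into the configuration every installation receives. On hosts that do not run those services the entries mean an enabled ftp, smtp or poppassd xinetd service would no longer be reported. Consider moving them to a site-local override, or add a comment such as `# Services enabled by the hosting control panel and the monitoring agent.` The blank line before the following comment header was also removed here, as in the `SCRIPTWHITELIST` hunk.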
+@@ -691,7 +700,7 @@
+ #
+ # This option permits the use of syslog remote logging.
+ #
+-ALLOW_SYSLOG_REMOTE_LOGGING=0
++ALLOW_SYSLOG_REMOTE_LOGGING=1
+
+ #
+ # Allow the following applications, or a specific version of an application,
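Review bot: `ALLOW_SYSLOG_REMOTE_LOGGING=1` turns off the warning for syslog forwarding on every host that installs this package, including hosts that are not supposed to forward logs anywhere. Where central logging is in use this is a reasonable setting, but as a package default it hides an unexpected forwarding rule from the scan. Either keep `0` and let sites that forward logs enable it, or document the assumption above the line: `# Hosts forward syslog to the central log server; set to 0 where no forwarding is configured.`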
+@@ -704,7 +713,7 @@
+ #
+ # Note above that for the Apache web server, the name 'httpd' is used.
+ #
+-#APP_WHITELIST=""
++APP_WHITELIST="httpd apache2 named proftpd openssl php php5 sshd gpg"
+
+ #
+ # Scan for suspicious files in directories containing temporary files and
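Review bot: `APP_WHITELIST` lists bare application names, and the option text visible in the previous hunk distinguishes an application from "a specific version of an application", so these entries presumably exempt every version of httpd, named, proftpd, openssl, php, sshd and gpg from the outdated-version check. If the reason is that the distribution backports security fixes without changing the upstream version number, state it: `# Version numbers are not meaningful here because fixes are backported; patch level is tracked through the package manager.` Without such a comment the line reads as if the version check had simply been disabled for the most exposed services.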
|