File rkhunter-config-1.3.8.patch of Package rkhunter

--- rkhunter-1.3.8/files/rkhunter.conf.orig	2010-11-13 21:25:22.000000000 +0100
+++ rkhunter-1.3.8/files/rkhunter.conf	2010-12-26 23:07:20.405611856 +0100
@@ -76,7 +76,7 @@
 # NOTE: This option should be present in the configuration file.
 #
 #MAIL-ON-WARNING=me@mydomain   root@mydomain
-MAIL-ON-WARNING=""
+MAIL-ON-WARNING=root
 
 #
 # Specify the mail command to use if MAIL-ON-WARNING is set.
@@ -213,7 +213,7 @@
 # file, then a value here of 'unset' can be used to avoid warning messages.
 # This option has a default value of 'no'.
 #
-ALLOW_SSH_ROOT_USER=no
+ALLOW_SSH_ROOT_USER=unset
 
 #
 # Set this option to '1' to allow the use of the SSH-1 protocol, but note
@@ -323,7 +323,7 @@
 #
 # Whenever this option is changed 'rkhunter --propupd' must be run.
 #
-#PKGMGR=NONE
+PKGMGR=RPM
 
 #
 # It is possible that a file which is part of a package may be modified
@@ -464,9 +464,12 @@
 # be specified more than once. The option may use wildcard
 # characters.
 #
-#SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
-#SCRIPTWHITELIST="/usr/bin/groups"
-
+SCRIPTWHITELIST=/sbin/ifup
+SCRIPTWHITELIST=/sbin/ifdown
+SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/whatis
+SCRIPTWHITELIST=/usr/bin/ldd
+SCRIPTWHITELIST=/usr/bin/GET
 #
 # Allow the specified commands to have the immutable attribute set.
 #
@@ -489,9 +492,9 @@
 # The option may be specified more than once. The option
 # may use wildcard characters.
 #
-#ALLOWHIDDENDIR="/etc/.java"
-#ALLOWHIDDENDIR="/dev/.udev /dev/.udevdb /dev/.udev.tdb"
-#ALLOWHIDDENDIR="/dev/.static"
+ALLOWHIDDENDIR="/etc/.java"
+ALLOWHIDDENDIR="/dev/.udev /dev/.udevdb /dev/.udev.tdb"
+ALLOWHIDDENDIR="/dev/.static"
 #ALLOWHIDDENDIR="/dev/.initramfs"
 #ALLOWHIDDENDIR="/dev/.SRC-unix"
 #ALLOWHIDDENDIR="/dev/.mdadm"
@@ -504,13 +507,13 @@
 # characters.
 # 
 #ALLOWHIDDENFILE="/etc/.java"
-#ALLOWHIDDENFILE="/usr/share/man/man1/..1.gz"
-#ALLOWHIDDENFILE="/etc/.pwd.lock"
+ALLOWHIDDENFILE="/usr/share/man/man1/..1.gz"
+ALLOWHIDDENFILE="/etc/.pwd.lock"
 #ALLOWHIDDENFILE="/etc/.init.state"
 #ALLOWHIDDENFILE="/lib/.libcrypto.so.0.9.8e.hmac /lib/.libcrypto.so.6.hmac"
 #ALLOWHIDDENFILE="/lib/.libssl.so.0.9.8e.hmac /lib/.libssl.so.6.hmac"
-#ALLOWHIDDENFILE="/usr/bin/.fipscheck.hmac"
-#ALLOWHIDDENFILE="/usr/bin/.ssh.hmac"
+ALLOWHIDDENFILE="/usr/bin/.fipscheck.hmac"
+ALLOWHIDDENFILE="/usr/bin/.ssh.hmac"
 #ALLOWHIDDENFILE="/usr/lib/.libfipscheck.so.1.1.0.hmac"
 #ALLOWHIDDENFILE="/usr/lib/.libfipscheck.so.1.hmac"
 #ALLOWHIDDENFILE="/usr/lib/.libgcrypt.so.11.hmac"
@@ -518,7 +521,7 @@
 #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha256hmac.hmac"
 #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
 #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
-#ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
+ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
 
 #
 # Allow the specified processes to use deleted files. The
@@ -583,6 +586,7 @@
 #
 #ALLOWDEVFILE="/dev/shm/pulse-shm-*"
 #ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
+ALLOWDEVFILE=/dev/shm/sysconfig/*
 
 #
 # This setting tells rkhunter where the inetd configuration
@@ -633,7 +637,12 @@
 # be specified more than once.
 #
 #XINETD_ALLOWED_SVC=/etc/xinetd.d/echo
-
+XINETD_ALLOWED_SVC=/etc/xinetd.d/ftp_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/smtp_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/smtps_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/poppassd_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/submission_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/nrpe
 #
 # This option tells rkhunter the local system startup file pathnames.
 # The directories will be searched for files. By default rkhunter
@@ -691,7 +700,7 @@
 #
 # This option permits the use of syslog remote logging.
 #
-ALLOW_SYSLOG_REMOTE_LOGGING=0
+ALLOW_SYSLOG_REMOTE_LOGGING=1
 
 #
 # Allow the following applications, or a specific version of an application,
@@ -704,7 +713,7 @@
 #
 # Note above that for the Apache web server, the name 'httpd' is used.
 #
-#APP_WHITELIST=""
+APP_WHITELIST="httpd apache2 named proftpd openssl php php5 sshd gpg"
 
 # 
 # Scan for suspicious files in directories containing temporary files and