Search
j0ke.net Open Build Service
>
Projects
>
internetx
>
rkhunter
> rkhunter.spec
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File rkhunter.spec of Package rkhunter
# norootforbuild # usedforbuild aaa_base acl attr audit-libs autoconf automake bash bind-libs bind-utils binutils bison bzip2 coreutils cpio cpp cpp41 cracklib cvs cyrus-sasl db diffutils e2fsprogs file filesystem fillup findutils flex gawk gcc gcc41 gdbm gdbm-devel gettext gettext-devel glibc glibc-devel glibc-locale gpm grep groff gzip info insserv klogd less libacl libattr libcom_err libgcc41 libltdl libmudflap41 libnscd libstdc++41 libtool libvolume_id libxcrypt libzio linux-kernel-headers m4 make man mktemp module-init-tools ncurses ncurses-devel net-tools netcfg openldap2-client openssl pam pam-modules patch perl permissions popt procinfo procps psmisc pwdutils rcs readline rpm sed strace sysvinit tar tcpd texinfo timezone unzip util-linux vim zlib zlib-devel %define realname rkhunter Name: rkhunter URL: http://www.rootkit.nl/ License: GNU General Public License (GPL) Group: System/Monitoring Autoreqprov: on Summary: Rootkit Scans for Rootkits, Backdoors, and Local Exploits Version: 1.3.8 Release: 1 Source0: http://downloads.rootkit.nl/%{realname}-%{version}.tar.bz2 #Patch0: %{realname}-10.0_os.dat.patch Patch1: %{realname}-config-%{version}.patch Patch2: %{realname}-%{version}-installer.patch Requires: coreutils wget cron BuildRoot: %{_tmppath}/%{name}-%{version}-build %description Rootkit scanner is scanning tool that can give you 99.9% certainty that your system is clean of nasty tools. This tool scans for rootkits, backdoors, and local exploits by running tests like: - Comparing MD5 hashes - Looking for default files used by rootkits - Checking for wrong file permissions for binaries - Looking for suspected strings in LKM and KLD modules - Looking for hidden files - Optionally scanning within plain text and binary files - Checking software versions - Testing applications Authors: -------- Michael Boelen <michael@rootkit.nl> %debug_package %prep %setup -q -n %{realname}-%{version} ##%patch0 -p1 %patch1 -p1 %patch2 %build %install ./installer.sh --layout RPM --install %if 0%{?suse_version} mkdir -p ${RPM_BUILD_ROOT}/%{_docdir} if [ -d ${RPM_BUILD_ROOT}/usr/share/doc/%{realname}-%{version} ] ; then mv ${RPM_BUILD_ROOT}/usr/share/doc/%{realname}-%{version} ${RPM_BUILD_ROOT}%{_docdir} fi %endif cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf %{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf # Only root should use rkhunter (at least for now) #%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}/usr/share/rkhunter %{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db # make a cron.daily file to mail us the reports %{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily" %{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/rkhunter-update-check" <<EOF #!/bin/sh %{_bindir}/rkhunter --quiet --update %{_bindir}/rkhunter --quiet --cronjob --nomow EOF %{__chmod} a+rwx,g-w,o-w ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/rkhunter-update-check %post %{_bindir}/rkhunter --quiet --propupd %clean [ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] \ && rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root,-) %{_bindir}/rkhunter %doc %{_docdir}/rkhunter-%{version} %{_mandir}/man8/* %dir %{_libdir}/rkhunter %{_libdir}/rkhunter/scripts %dir %{_var}/lib/rkhunter %dir %{_var}/lib/rkhunter/tmp %{_var}/lib/rkhunter/db %config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf %attr(755,root,root) %{_sysconfdir}/cron.daily/rkhunter-update-check %changelog -n rkhunter * Sun Dec 26 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-1 - updated to rkhunter 1.3.8 * Wed May 05 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-3 - updated rkhunter configuration * Thu Apr 22 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-2 - updated rkhunter configuration * Sun Nov 29 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-1 - new upstream release 1.3.6 - New IGNORE_PRELINK_DEP_ERR configuration option in case of persistent prelink dependency errors. - New USER_FILEPROP_FILES_DIRS configuration option to add files and directories to the file properties check. - New COPY_LOG_ON_ERROR configuration option to copy the log file if any errors or warnings have occurred. - New WEBCMD configuration option to specify the command used to download data file updates from the Internet. - Rkhunter will look for configuration options in the main configuration file, and then in the local configuration file if it exists. - New SHARED_LIB_WHITELIST configuration option for whitelisting preloaded shared libraries. - New WARN_ON_OS_CHANGE configuration option. If unset then no warnings will be shown. - New UPDT_ON_OS_CHANGE configuration option. If set and the O/S has changed then rkhunter will automatically update properties ('rkhunter –propupd'). - Added support for hash functions SHA224, SHA256, SHA384 and SHA512 using CPAN perl modules Digest-SHA-PurePerl or SHA256. - New UPDATE_LANG configuration option. - New ALLOWPROMISCIF configuration option. - New PKGMGR_NO_VRFY configuration option for fine-grained package manager verification process control. - Rootkit checks added: Adore Rootkit (aka strings.o aka Dextenea) cb, CX, Fu, iLLogiC, ld-linuxv.so.1, 'Spanish', trNkit, Xzibit, ZK. - Updated rootkit / malware checks: Ambient (ark), beX2, BOBkit, Dica-kit, Dreams, Enye LKM, evil strings test, Fleakit, FreeBSD, Phalanx2, SHV4, Universal (URK). * Thu Jan 01 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.4-1 - new upstream release 1.3.4 - Added IntoXonia-NG rootkit check. - Added Phalanx2 rootkit check. - Added support for TCB shadow files. - The '--propupd' option can now take an optional file, directory or package name after it. - Revised file properties inode check. - Improved the O/S name detection. - Improved hidden files and directories check. - Improved debug file option. * Fri May 30 2008 Carsten Schoene <cs@linux-administrator.com> - new upstream release 1.3.2 - Socklog and rsyslog daemons support. - IRIX/IRIX64 support. - Application version check errors mostly ignored. - Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1. - Application check whitelisting. - 'pflog' checked for all *BSD now. - Correct scanning of /dev in LAZY mode. - Whitelisted passwordless account names logged. - Corrected obtaining process names in Solaris. - Unset MANPATH for .spec (OpenSuSE). - Correct hidden files/directories test behaviour. - Cater for those using fdesc/fdescfs. * Tue Jan 15 2008 Carsten Schoene <cs@linux-administrator.com> - reworked all patches - changed installation to installers RPM mode - internetx specific configuration changes * Wed Nov 22 2006 - meissner@suse.de - use correct string for i586. #223221 * Thu Nov 16 2006 - meissner@suse.de - Detect openSUSE as product correctly. #216053 - renamed cron script to have "suse.de-" prefix. * Tue Nov 07 2006 - meissner@suse.de - Include the current database from upstream. #216053 - daily cron script to mode 755 * Wed Jul 19 2006 - meissner@suse.de - New version 1.2.8 - some hashes and version updated - small fixes - Added SUSE Linux 10 hashes * Thu Mar 23 2006 - meissner@suse.de - detect 10.1. #148471 * Wed Jan 25 2006 - mls@suse.de - converted neededforbuild to BuildRequires * Thu Dec 01 2005 - meissner@suse.de - Order ALLOW* directives in the right section. - Do not |mail in a cronjob, just let cron do it for itself. - Quiet down output so it usually should not mail. - Enable MAIL_ON_WARNING, send mail to root. #132683 * Wed Sep 07 2005 - meissner@suse.de - ignore /etc/.pwd.lock, /etc/.java too. #115128 * Thu Aug 18 2005 - meissner@suse.de - recognize 10.0, ignore /dev/.udevdb/. * Fri Aug 12 2005 - meissner@suse.de - Use /usr/share/rkhunter instead of /usr/%%_lib/rkhunter. - Fixed some other problems. * Mon Jul 11 2005 - meissner@suse.de - Initial import of rkhunter 1.2.7.
