File rkhunter-config-1.3.6.patch of Package rkhunter
--- rkhunter-1.3.6/files/rkhunter.conf.orig 2010-08-10 23:31:50.414903807 +0200
+++ rkhunter-1.3.6/files/rkhunter.conf 2010-08-11 00:22:35.439550648 +0200
@@ -71,7 +71,7 @@
 # NOTE: This option should be present in the configuration file.
 #
 #MAIL-ON-WARNING=me@mydomain root@mydomain
-MAIL-ON-WARNING=""
+MAIL-ON-WARNING=root
 
 #
 # Specify the mail command to use if MAIL-ON-WARNING is set.
@@ -196,7 +196,7 @@
 # file, then a value here of 'yes' or 'unset' will not cause a warning.
 # This option has a default value of 'no'.
 #
-ALLOW_SSH_ROOT_USER=no
+ALLOW_SSH_ROOT_USER=yes
 
 #
 # Set this option to '1' to allow the use of the SSH-1 protocol, but note
@@ -299,7 +299,7 @@
 #
 # Whenever this option is changed 'rkhunter --propupd' must be run.
 #
-#PKGMGR=NONE
+PKGMGR=RPM
 
 #
 # It is possible that a file which is part of a package may be modified
@@ -392,10 +392,12 @@
 # Allow the specified commands to be scripts.
 # One command per line (use multiple SCRIPTWHITELIST lines).
 #
-#SCRIPTWHITELIST=/sbin/ifup
-#SCRIPTWHITELIST=/sbin/ifdown
-#SCRIPTWHITELIST=/usr/bin/groups
-
+SCRIPTWHITELIST=/sbin/ifup
+SCRIPTWHITELIST=/sbin/ifdown
+SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/whatis
+SCRIPTWHITELIST=/usr/bin/ldd
+SCRIPTWHITELIST=/usr/bin/GET
 #
 # Allow the specified commands to have the immutable attribute set.
 # One command per line (use multiple IMMUTWHITELIST lines).
@@ -406,11 +408,11 @@
 # Allow the specified hidden directories.
 # One directory per line (use multiple ALLOWHIDDENDIR lines).
 #
-#ALLOWHIDDENDIR=/etc/.java
-#ALLOWHIDDENDIR=/dev/.udev
+ALLOWHIDDENDIR=/etc/.java
+ALLOWHIDDENDIR=/dev/.udev
 #ALLOWHIDDENDIR=/dev/.udevdb
 #ALLOWHIDDENDIR=/dev/.udev.tdb
-#ALLOWHIDDENDIR=/dev/.static
+ALLOWHIDDENDIR=/dev/.static
 #ALLOWHIDDENDIR=/dev/.initramfs
 #ALLOWHIDDENDIR=/dev/.SRC-unix
 #ALLOWHIDDENDIR=/dev/.mdadm
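Review bot: `ALLOW_SSH_ROOT_USER=yes` in the @@ -196 hunk tells rkhunter that root SSH login is expected, so a host whose sshd_config has `PermitRootLogin yes` no longer produces a warning on any system that installs this package. If only some hosts need root SSH, keep `ALLOW_SSH_ROOT_USER=no` as the packaged default and override it per host. Otherwise put a comment above the line, for example `# Packaged default: root SSH login is expected on these hosts; set to 'no' where sshd_config disables it.` The same applies to `ALLOW_SYSLOG_REMOTE_LOGGING=1` in the @@ -593 hunk, which turns off the remote-logging warning for every install without saying why.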
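Review bot: The @@ -392 hunk whitelists `/usr/bin/whatis`, `/usr/bin/ldd` and `/usr/bin/GET` as scripts for every install, with no comment recording which package ships them as scripts. A whitelisted path is never reported by the script check whatever its content, so detection of a replaced file there presumably rests on the file-property check alone (RPM-backed once `PKGMGR=RPM` from the @@ -299 hunk is active). Add a comment per entry such as `# shipped as a script by <package> on <distro release>`, and enable only entries confirmed on the target release. The entries enabled in the @@ -406, @@ -420 and @@ -436 hunks (`ALLOWHIDDENDIR` and `ALLOWHIDDENFILE`, including the oddly named `/usr/share/man/man1/..1.gz`) need the same per-entry ownership note.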
@@ -420,15 +422,15 @@
 # One file per line (use multiple ALLOWHIDDENFILE lines).
 #
 #ALLOWHIDDENFILE=/etc/.java
-#ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz
-#ALLOWHIDDENFILE=/etc/.pwd.lock
+ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz
+ALLOWHIDDENFILE=/etc/.pwd.lock
 #ALLOWHIDDENFILE=/etc/.init.state
 #ALLOWHIDDENFILE=/lib/.libcrypto.so.0.9.8e.hmac
 #ALLOWHIDDENFILE=/lib/.libcrypto.so.6.hmac
 #ALLOWHIDDENFILE=/lib/.libssl.so.0.9.8e.hmac
 #ALLOWHIDDENFILE=/lib/.libssl.so.6.hmac
-#ALLOWHIDDENFILE=/usr/bin/.fipscheck.hmac
-#ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
+ALLOWHIDDENFILE=/usr/bin/.fipscheck.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
 #ALLOWHIDDENFILE=/usr/lib/.libfipscheck.so.1.1.0.hmac
 #ALLOWHIDDENFILE=/usr/lib/.libfipscheck.so.1.hmac
 #ALLOWHIDDENFILE=/usr/lib/.libgcrypt.so.11.hmac
@@ -436,7 +438,7 @@
 #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
 #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha384hmac.hmac
 #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha512hmac.hmac
-#ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
+ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
 
 #
 # Allow the specified processes to use deleted files.
@@ -499,6 +501,7 @@
 #ALLOWDEVFILE=/dev/shm/sem.ADBE_ReadPrefs_*
 #ALLOWDEVFILE=/dev/shm/sem.ADBE_REL_*
 #ALLOWDEVFILE=/dev/shm/sem.ADBE_WritePrefs_*
+ALLOWDEVFILE=/dev/shm/sysconfig/*
 
 #
 # This setting tells rkhunter where the inetd configuration
@@ -546,7 +549,12 @@
 # Only one service (file) per line (use multiple XINETD_ALLOWED_SVC lines).
 #
 #XINETD_ALLOWED_SVC=/etc/xinetd.d/echo
-
+XINETD_ALLOWED_SVC=/etc/xinetd.d/ftp_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/smtp_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/smtps_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/poppassd_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/submission_psa
+XINETD_ALLOWED_SVC=/etc/xinetd.d/nrpe
 #
 # This option tells rkhunter the local system startup file pathnames.
 # It is a space-separated list of files and directories. The directories
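Review bot: `ALLOWDEVFILE=/dev/shm/sysconfig/*` in the @@ -499 hunk exempts every file under that directory from the /dev file check, which is much wider than the neighbouring examples that match specific `sem.ADBE_*` name prefixes. Anything later written into that directory will never be reported by this check. Narrow the glob to the names the owning service actually creates on the target release, for example `ALLOWDEVFILE=/dev/shm/sysconfig/<known-file-prefix>*`. Also add a comment naming the package that owns the directory, so the entry can be removed when it no longer applies.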
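Review bot: The six `XINETD_ALLOWED_SVC` lines added in the @@ -546 hunk pre-approve the `*_psa` services and `nrpe` on every host that installs this package, including hosts that do not run them. On such a host, an enabled xinetd file appearing at one of these paths would not be reported by the xinetd check. Consider leaving them commented out like the `echo` example and enabling them per host. If they stay enabled, precede them with `# Enabled by the hosting panel / monitoring agent on these servers; remove entries for services that are not installed.` The hunk also drops the blank line that separated this option block from the next comment block, which looks unintentional.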
@@ -593,7 +601,7 @@
 #
 # This option permits the use of syslog remote logging.
 #
-ALLOW_SYSLOG_REMOTE_LOGGING=0
+ALLOW_SYSLOG_REMOTE_LOGGING=1
 
 #
 # Allow the following applications, or a specific version of an application,
@@ -605,7 +613,7 @@
 #
 # Note above that for the Apache web server, the name 'httpd' is used.
 #
-#APP_WHITELIST=""
+APP_WHITELIST="httpd apache2 named proftpd openssl php php5 sshd gpg"
 
 #
 # Scan for suspicious files in directories containing temporary files and
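Review bot: `APP_WHITELIST="httpd apache2 named proftpd openssl php php5 sshd gpg"` in the @@ -605 hunk lists each application by bare name, which exempts every version of it from the application-version check. The check is therefore effectively off for the network-facing daemons it exists to watch. The comment above the option says a specific version can be whitelisted instead, so pinning the distribution's patched builds, e.g. `APP_WHITELIST="openssl:<patched-version> sshd:<patched-version>"`, would still warn on anything older. If the blanket exemption is deliberate because the distribution backports fixes without changing version strings, record that in a comment above the line. The surrounding comment block continues outside the hunk.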