rpms/chkrootkit/EL-4 chkrootkit-0.47-chklastlog.patch, NONE, 1.1 chkrootkit-0.47-warnings.patch, NONE, 1.1 chkrootkit-0.48-anomalies.patch, NONE, 1.1 chkrootkit-0.48-nophpcheck.patch, NONE, 1.1 .cvsignore, 1.5, 1.6 branch, 1.1, 1.2 chkrootkit-0.45-includes.patch, 1.1, 1.2 chkrootkit.spec, 1.10, 1.11 sources, 1.5, 1.6
Manuel Wolfshant (wolfy)
fedora-extras-commits at redhat.com
Wed Apr 23 12:55:24 UTC 2008
- Previous message (by thread): rpms/NetworkManager-openvpn/F-9 NetworkManager-openvpn-0.7.0-name-file-generation.patch, NONE, 1.1 NetworkManager-openvpn.spec, 1.12, 1.13
- Next message (by thread): rpms/perl-File-Copy-Recursive/F-8 .cvsignore, 1.5, 1.6 perl-File-Copy-Recursive.spec, 1.9, 1.10 sources, 1.5, 1.6
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: wolfy
Update of /cvs/pkgs/rpms/chkrootkit/EL-4
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29949
Modified Files:
.cvsignore branch chkrootkit-0.45-includes.patch
chkrootkit.spec sources
Added Files:
chkrootkit-0.47-chklastlog.patch
chkrootkit-0.47-warnings.patch chkrootkit-0.48-anomalies.patch
chkrootkit-0.48-nophpcheck.patch
Log Message:
initial EL-4 branch, based on devel
note that the chkrootkit.pam file differs due to different pam versions in EL-4 and devel
chkrootkit-0.47-chklastlog.patch:
--- NEW FILE chkrootkit-0.47-chklastlog.patch ---
diff -Nur chkrootkit-0.47-orig/chklastlog.c chkrootkit-0.47/chklastlog.c
--- chkrootkit-0.47-orig/chklastlog.c 2006-02-11 18:02:48.000000000 +0100
+++ chkrootkit-0.47/chklastlog.c 2007-02-11 22:10:25.000000000 +0100
@@ -62,10 +62,10 @@
#define LASTLOG_FILENAME "/var/log/lastlog"
#endif
#ifndef WTMP_FILENAME
-#define WTMP_FILENAME "/var/adm/wtmp"
+#define WTMP_FILENAME "/var/log/wtmp"
#endif
#ifndef LASTLOG_FILENAME
-#define LASTLOG_FILENAME "/var/adm/lastlog"
+#define LASTLOG_FILENAME "/var/log/lastlog"
#endif
#define TRUE 1L
diff -Nur chkrootkit-0.47-orig/README.chklastlog chkrootkit-0.47/README.chklastlog
--- chkrootkit-0.47-orig/README.chklastlog 2006-02-11 18:02:48.000000000 +0100
+++ chkrootkit-0.47/README.chklastlog 2007-02-11 22:50:04.000000000 +0100
@@ -31,8 +31,8 @@
% cc -o chklastlog chklastlog.c
- To run chklastlog you need read permission on the files /var/adm/wtmp
- and /var/adm/lastlogin. Normally these files are world-readable and
+ To run chklastlog you need read permission on the files /var/log/wtmp
+ and /var/log/lastlog. Normally these files are world-readable and
no special privileges are required to run the checker.
The following is an example of the output of chklastlog.
chkrootkit-0.47-warnings.patch:
--- NEW FILE chkrootkit-0.47-warnings.patch ---
diff -Nur chkrootkit-0.47-orig/chklastlog.c chkrootkit-0.47/chklastlog.c
--- chkrootkit-0.47-orig/chklastlog.c 2006-02-11 18:02:48.000000000 +0100
+++ chkrootkit-0.47/chklastlog.c 2006-10-20 14:31:43.000000000 +0200
@@ -164,7 +164,7 @@
{
if (*uid > MAX_ID)
{
- fprintf(stderr, "MAX_ID is %ld and current uid is %ld, please check\n\r", MAX_ID, *uid );
+ fprintf(stderr, "MAX_ID is %ld and current uid is %ld, please check\n\r", (long int)MAX_ID, (long int)*uid );
exit (1);
}
diff -Nur chkrootkit-0.47-orig/chkproc.c chkrootkit-0.47/chkproc.c
--- chkrootkit-0.47-orig/chkproc.c 2006-07-25 16:55:21.000000000 +0200
+++ chkrootkit-0.47/chkproc.c 2006-10-20 14:34:12.000000000 +0200
@@ -180,10 +180,8 @@
if (pv < 1 || pv > PS_MAX)
pv = 1;
pscmd = ps_cmds[pv];
-/* printf("pv = %d\n\r", pv); /* -- DEBUG */
#endif
-/* printf("pscmd = %s\n\r", pscmd); /* -- DEBUG */
if (!(ps = popen(pscmd, "r")))
{
perror("ps");
@@ -228,7 +226,6 @@
p++;
while (isspace(*p)) /* Skip spaces */
p++;
-/* printf(">>%s<<\n", p); /* -- DEBUG */
ret = atol(p);
if ( ret < 0 || ret > MAX_PROCESSES )
{
@@ -263,7 +260,6 @@
}
#endif
-/* printf("%s\n", tmp_d_name); /* -- DEBUG */
dirproc[atol(tmp_d_name)] = 1;
}
closedir(proc);
diff -Nur chkrootkit-0.48-orig/chkdirs.c chkrootkit-0.48/chkdirs.c
--- chkrootkit-0.48-orig/chkdirs.c 2007-08-10 23:22:52.000000000 +0200
+++ chkrootkit-0.48/chkdirs.c 2008-02-12 10:36:40.000000000 +0100
@@ -60,7 +60,7 @@
char *make_pathname (char *path, char *dir, char **buffer)
{
- int plen, pathname_len, bufsize, offs;
+ int plen, pathname_len, bufsize = 0, offs;
plen = strlen(path);
pathname_len = plen + strlen(dir) + 2;
@@ -237,7 +237,7 @@
int main (int argc, char **argv)
{
int norecurse = 0;
- int i, retval;
+ int i, retval = 1;
char c;
opterr = 0;
chkrootkit-0.48-anomalies.patch:
--- NEW FILE chkrootkit-0.48-anomalies.patch ---
diff -Nur chkrootkit-0.48-orig/chkrootkit chkrootkit-0.48/chkrootkit
--- chkrootkit-0.48-orig/chkrootkit 2007-12-17 19:54:42.000000000 +0100
+++ chkrootkit-0.48/chkrootkit 2008-02-12 10:10:39.000000000 +0100
@@ -1129,7 +1129,7 @@
echo "Warning: \`${files}' file size is zero"
files1=`${find} ${ROOTDIR}${HOME} ${findargs} -name '.*history' \( -links 2 -o -type l \)`
[ ! -z "${files1}" ] && \
- echo "Warning: \`${files}' is linked to another file"
+ echo "Warning: \`${files1}' is linked to another file"
fi
if [ -z "${files}" -a -z "${files1}" ]; then
if [ "${QUIET}" != "t" ]; then echo "nothing found"; fi
chkrootkit-0.48-nophpcheck.patch:
--- NEW FILE chkrootkit-0.48-nophpcheck.patch ---
diff -Nur chkrootkit-0.48-orig/chkrootkit chkrootkit-0.48/chkrootkit
--- chkrootkit-0.48-orig/chkrootkit 2007-12-17 19:54:42.000000000 +0100
+++ chkrootkit-0.48/chkrootkit 2008-03-18 21:04:58.000000000 +0100
@@ -1103,21 +1103,6 @@
fi
###
- ### Suspect PHP files
- ###
- if [ "${QUIET}" != "t" ]; then
- printn "Searching for suspect PHP files... "; fi
- files="`${find} ${ROOTDIR}tmp ${ROOTDIR}var/tmp ${findargs} -name '*.php' 2> /dev/null`"
- fileshead="`${find} ${ROOTDIR}tmp ${ROOTDIR}var/tmp ${findargs} -type f -exec head -1 {} \; | grep php 2> /dev/null`"
-
- if [ "${files}" = "" -a "${fileshead}" = "" ]; then
- if [ "${QUIET}" != "t" ]; then echo "nothing found"; fi
- else
- echo "${files}"
- echo "${fileshead}"
- fi
-
- ###
### shell history anomalies
###
if [ "${QUIET}" != "t" ]; then \
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/chkrootkit/EL-4/.cvsignore,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- .cvsignore 29 Nov 2005 13:05:35 -0000 1.5
+++ .cvsignore 23 Apr 2008 12:54:41 -0000 1.6
@@ -1 +1,2 @@
-chkrootkit-0.46a.tar.gz
+chkrootkit-0.48.tar.gz.sig
+chkrootkit-0.48.tar.gz
Index: branch
===================================================================
RCS file: /cvs/pkgs/rpms/chkrootkit/EL-4/branch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- branch 12 Apr 2008 22:46:59 -0000 1.1
+++ branch 23 Apr 2008 12:54:41 -0000 1.2
@@ -1 +1 @@
-EL-4
+EL-5
chkrootkit-0.45-includes.patch:
Index: chkrootkit-0.45-includes.patch
===================================================================
RCS file: /cvs/pkgs/rpms/chkrootkit/EL-4/chkrootkit-0.45-includes.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- chkrootkit-0.45-includes.patch 19 Aug 2005 13:59:43 -0000 1.1
+++ chkrootkit-0.45-includes.patch 23 Apr 2008 12:54:41 -0000 1.2
@@ -21,3 +21,15 @@
#include <stdio.h>
#include <unistd.h>
#include <string.h>
+diff -Nur chkrootkit-0.48-orig/strings.c chkrootkit-0.48/strings.c
+--- chkrootkit-0.48-orig/strings.c 2006-10-18 20:00:29.000000000 +0200
++++ chkrootkit-0.48/strings.c 2008-02-12 10:29:10.000000000 +0100
+@@ -10,7 +10,7 @@
+ */
+
+ #include <stdio.h>
+-#include <strings.h>
++#include <string.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <ctype.h>
Index: chkrootkit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/chkrootkit/EL-4/chkrootkit.spec,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- chkrootkit.spec 29 Nov 2005 13:05:35 -0000 1.10
+++ chkrootkit.spec 23 Apr 2008 12:54:41 -0000 1.11
@@ -1,6 +1,6 @@
Name: chkrootkit
-Version: 0.46a
-Release: 1%{?dist}
+Version: 0.48
+Release: 7%{?dist}
Summary: Tool to locally check for signs of a rootkit
Group: Applications/System
License: BSD-like
@@ -11,10 +11,14 @@
Source3: chkrootkit.desktop
Source4: chkrootkit.console
Source5: chkrootkit.pam
+Source6: README.false_positives
Patch1: chkrootkit-0.44-getCMD.patch
Patch2: chkrootkit-0.44-inetd.patch
Patch3: chkrootkit-0.45-includes.patch
-Patch4: chkrootkit-0.46a-warnings.patch
+Patch4: chkrootkit-0.47-warnings.patch
+Patch6: chkrootkit-0.47-chklastlog.patch
+Patch7: chkrootkit-0.48-anomalies.patch
+Patch8: chkrootkit-0.48-nophpcheck.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: desktop-file-utils
@@ -42,11 +46,14 @@
%patch2 -p1 -b .inetd
%patch3 -p1 -b .includes
%patch4 -p1 -b .warnings
+%patch6 -p1 -b .chklastlog
+%patch7 -p1 -b .anomalies
+%patch8 -p1 -b .nophpcheck
sed -i -e 's!\s\+ at strip.*!!g' Makefile
%build
-make sense CC="%{__cc} $RPM_OPT_FLAGS"
+make sense CC="%{__cc} $RPM_OPT_FLAGS -D_FILE_OFFSET_BITS=64"
%install
@@ -89,6 +96,8 @@
--add-category X-Fedora \
%{SOURCE3}
+install -p -m0644 %{SOURCE6} .
+
%clean
rm -rf ${RPM_BUILD_ROOT}
@@ -96,60 +105,122 @@
%files
%defattr(-,root,root,-)
-%doc ACKNOWLEDGMENTS COPYRIGHT README README.chklastlog README.chkwtmp chkrootkit.lsm
+%doc ACKNOWLEDGMENTS COPYRIGHT README README.chklastlog README.chkwtmp chkrootkit.lsm README.false_positives
%{_sbindir}/chkrootkit
%{_bindir}/chkrootkit
%{_bindir}/chkrootkitX
-%{_sysconfdir}/pam.d/chkrootkit
-%{_sysconfdir}/security/console.apps/chkrootkit
+%config(noreplace) %{_sysconfdir}/pam.d/chkrootkit
+%config(noreplace) %{_sysconfdir}/security/console.apps/chkrootkit
%{_libdir}/%{name}-%{version}
%{_datadir}/applications/fedora-chkrootkit.desktop
%{_datadir}/pixmaps/chkrootkit.png
%changelog
-* Thu Nov 10 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.46a-1
+* Wed Apr 17 2008 Manuel "lonely wolf" Wolfshant <wolfy at fedoraproject.org> - 0.48-7
+- build for EPEL based on latest fedora-devel version; includes "Build with large
+ file API (#441638)"
+
+* Tue Mar 18 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.48-6
+- Delete the "suspect PHP files" check. Not only does it trigger
+ SIGPIPE for file names which contain special unescaped characters,
+ the second half is doubtful (it doesn't print any filenames and
+ gets confused by binary file contents).
+
+* Tue Feb 12 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.48-5
+- Fix the empty warning of the shell history files anomalies check.
+- Initialise two variables in chkdirs.c to silence compiler.
+
+* Fri Feb 08 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.48-3
+- rebuilt for GCC 4.3 as requested by Fedora Release Engineering
+ (only in devel)
+
+* Sat Jan 12 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.48-2
+- Install README with mode 0644.
+
+* Sat Dec 22 2007 Michael Schwendt <mschwendt at fedoraproject.org> - 0.48-1
+- Update to 0.48 (new tests, enhanced tests, minor bug-fixes).
+
+* Tue Aug 21 2007 Michael Schwendt <mschwendt at fedoraproject.org>
+- rebuilt
+
+* Wed May 23 2007 Michael Schwendt <mschwendt at fedoraproject.org> - 0.47-7
+- Fix obsolete PAM pam_stack usage (#241038) to make desktop menu
+ and consolehelper work again.
+
+* Sun Feb 11 2007 Michael Schwendt <mschwendt at fedoraproject.org> - 0.47-6
+- Make chklastlog default to /var/log/lastlog and /var/log/wtmp,
+ which can be set with options -l and -f, too, however.
+
+* Wed Jan 31 2007 Michael Schwendt <mschwendt at fedoraproject.org> - 0.47-5
+- Upstream wants to disable the OBSD rk v1 check on Linux with
+ next release.
+
+* Tue Jan 30 2007 Michael Schwendt <mschwendt at fedoraproject.org> - 0.47-4
+- Don't like the previous patch yet, since it is unsafe and
+ makes -p more difficult, so removed it again.
+
+* Tue Jan 30 2007 Michael Schwendt <mschwendt at fedoraproject.org> - 0.47-3
+- Patch OpenBSD rootkit check to not report libgcj file
+ /usr/lib/security/classpath.security without querying the RPM
+ database about that file
+- Add README.false_positives
+
+* Thu Jan 04 2007 Michael Schwendt <mschwendt at fedoraproject.org>
+- rebuilt
+
+* Fri Oct 20 2006 Michael Schwendt <mschwendt at fedoraproject.org> - 0.47-1
+- Update to 0.47.
+- mark PAM and consolehelper files in /etc as config
+
+* Mon Aug 28 2006 Michael Schwendt <mschwendt at fedoraproject.org>
+- rebuilt
+
+* Sat Feb 25 2006 Michael Schwendt <mschwendt at fedoraproject.org> - 0.46a-2
+- rebuilt for FC5
+
+* Thu Nov 10 2005 Michael Schwendt <mschwendt at fedoraproject.org> - 0.46a-1
- Update to 0.46a.
-* Fri Aug 19 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.45-4
+* Fri Aug 19 2005 Michael Schwendt <mschwendt at fedoraproject.org> - 0.45-4
- Pass on command-line arguments to main program (#166321).
-* Mon May 9 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.45-3
+* Mon May 9 2005 Michael Schwendt <mschwendt at fedoraproject.org> - 0.45-3
- Create debuginfo package, remove stripping from Makefile in %%prep,
build with optflags.
-* Thu Mar 17 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 0.45-2
+* Thu Mar 17 2005 Michael Schwendt <mschwendt at fedoraproject.org> - 0.45-2
- Make GCC4 shut up by including more C headers in chkproc.c/chkwtmp.c
-* Thu Feb 24 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.45-1
+* Thu Feb 24 2005 Michael Schwendt <mschwendt at fedoraproject.org> - 0:0.45-1
- Update to 0.45, trim description.
-* Mon Oct 4 2004 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.44-0.fdr.2
+* Mon Oct 4 2004 Michael Schwendt <mschwendt at fedoraproject.org> - 0:0.44-0.fdr.2
- Fix inetd/sshd checks.
-* Sat Sep 11 2004 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.44-0.fdr.1
+* Sat Sep 11 2004 Michael Schwendt <mschwendt at fedoraproject.org> - 0:0.44-0.fdr.1
- Update to 0.44.
* Wed Aug 18 2004 Phillip Compton <pcompton[AT]proteinmedia.com> - 0:0.43-0.fdr.5
- License COPYRIGHTED -> BSD-like (#1746).
-* Sat Mar 13 2004 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.43-0.fdr.4
+* Sat Mar 13 2004 Michael Schwendt <mschwendt at fedoraproject.org> - 0:0.43-0.fdr.4
- rh80 doesn't have sed -i, use perl instead (#1326).
- Obsolete chkrootkit-strings patch due to soft-link since 0.43-0.fdr.1.
-* Fri Feb 27 2004 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.43-0.fdr.3
+* Fri Feb 27 2004 Michael Schwendt <mschwendt at fedoraproject.org> - 0:0.43-0.fdr.3
- Make in %%build section (#1326).
-* Fri Feb 27 2004 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.43-0.fdr.2
+* Fri Feb 27 2004 Michael Schwendt <mschwendt at fedoraproject.org> - 0:0.43-0.fdr.2
- Substitute a few hardcoded paths (#1326).
-* Thu Feb 26 2004 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.43-0.fdr.1
+* Thu Feb 26 2004 Michael Schwendt <mschwendt at fedoraproject.org> - 0:0.43-0.fdr.1
- Update to 0.43.
- Add dependency on consolehelper binary.
- Drop patched chkrootkit script due to change in 0.42-0.fdr.3.b.
- Make available "strings-static" as "strings", too.
-* Wed Dec 10 2003 Michael Schwendt <mschwendt[AT]users.sf.net> - 0:0.42-0.fdr.3.b
+* Wed Dec 10 2003 Michael Schwendt <mschwendt at fedoraproject.org> - 0:0.42-0.fdr.3.b
- Make /usr/bin/chkrootkit enter chkrootkit home directory.
This puts its own helper tools into its search path.
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/chkrootkit/EL-4/sources,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- sources 29 Nov 2005 13:05:35 -0000 1.5
+++ sources 23 Apr 2008 12:54:41 -0000 1.6
@@ -1 +1,2 @@
-b73fb9e365d2edcd031d65b16e965a18 chkrootkit-0.46a.tar.gz
+b98238251eda3c743c97e1d0ac8dd598 chkrootkit-0.48.tar.gz.sig
+de8b8b5013e7faa2b66c0e33c59677e8 chkrootkit-0.48.tar.gz
- Previous message (by thread): rpms/NetworkManager-openvpn/F-9 NetworkManager-openvpn-0.7.0-name-file-generation.patch, NONE, 1.1 NetworkManager-openvpn.spec, 1.12, 1.13
- Next message (by thread): rpms/perl-File-Copy-Recursive/F-8 .cvsignore, 1.5, 1.6 perl-File-Copy-Recursive.spec, 1.9, 1.10 sources, 1.5, 1.6
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list