rpms/rkhunter/EL-5 rkhunter-1.3.4.tar.gz.sha1.txt, NONE, 1.1 rkhunter-1.3.4-fedoraconfig.patch, NONE, 1.1 01-rkhunter, 1.3, 1.4 sources, 1.9, 1.10 .cvsignore, 1.8, 1.9 rkhunter.spec, 1.16, 1.17
Kevin Fenzi
kevin at fedoraproject.org
Thu Mar 12 04:47:41 UTC 2009
Author: kevin
Update of /cvs/extras/rpms/rkhunter/EL-5
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17946
Modified Files:
01-rkhunter sources .cvsignore rkhunter.spec
Added Files:
rkhunter-1.3.4.tar.gz.sha1.txt
rkhunter-1.3.4-fedoraconfig.patch
Log Message:
Update to 1.3.4
Sync with Fedora version, lots of fixes
--- NEW FILE rkhunter-1.3.4.tar.gz.sha1.txt ---
73a42c94be2fb1fd3284d8dc60d22ff0fc8407f4 rkhunter-1.3.4/files/WISHLIST
c82074175e72642dd74322ce29281f0f2fe2798c rkhunter-1.3.4/files/programs_bad.dat
443431d6c4dde5ff474fc9521561c6858478ad81 rkhunter-1.3.4/files/rkhunter
59de768a09a4cd13599653df85ecc2362e416ab3 rkhunter-1.3.4/files/defaulthashes.dat
9203f315cf8ea90724f70595c0b8facd61169b4a rkhunter-1.3.4/files/i18n/cn
736fd9ea453f34c023a9ebed97fa0cea7461aeb8 rkhunter-1.3.4/files/i18n/zh.utf8
3aa3999bd924382f2a7b7e52ad0c3f7834d2285c rkhunter-1.3.4/files/i18n/zh
a81ea7ee1677bb2f09c68ef55cac4819d102dfc0 rkhunter-1.3.4/files/i18n/en
ff10891d252f3859abe63054eb64f0e9eae2d781 rkhunter-1.3.4/files/tools/README
90876286c511986474144a5a1fc21afa0f5f29c5 rkhunter-1.3.4/files/tools/update_client.sh
e3ba269e33d5d385230d0a4457d87cf6e3acece8 rkhunter-1.3.4/files/tools/update_server.sh
98e225b334e319edaff76c079a3a241289ffa9c7 rkhunter-1.3.4/files/README
ebc05604eb51b10478d35ac3750699cefecd5ae3 rkhunter-1.3.4/files/filehashmd5.pl
d5bff919ce44a345a193824ea16b0404008d7823 rkhunter-1.3.4/files/programs_good.dat
beed9c4b594c5be28ca4837fdcd2ac367e2946ee rkhunter-1.3.4/files/contrib/run_rkhunter.sh
225cc53f9691ad39f10bd2aaac478355ce4dc411 rkhunter-1.3.4/files/contrib/README.txt
285155f63cfa7a6a73ec0352dccaaa2221989b94 rkhunter-1.3.4/files/contrib/rkhunter_remote_howto.txt
56bf42d4fe669412b84eb307d5e314af4501dc9a rkhunter-1.3.4/files/testing/stringscanner.sh
361ada5406c7e57e62e840caf3d3bce5e8436fc1 rkhunter-1.3.4/files/testing/rootkitinfo.txt
73e76916a3f65dde2317fff6c932e1d77760fdf7 rkhunter-1.3.4/files/testing/rkhunter.conf
1878119b6045eeab6a5afaebad7b523e86c3a935 rkhunter-1.3.4/files/filehashsha1.pl
a656a91b37a83a2325843f0ccedb5eb7866506ac rkhunter-1.3.4/files/mirrors.dat
9ddeec64999f4c0e6f9aa5992cd25c503311b764 rkhunter-1.3.4/files/backdoorports.dat
a0badd192cc4f33fbf38f446eae3c858ba81c88f rkhunter-1.3.4/files/check_modules.pl
82c8c3881d59d228de3ce74a4b7b68eac07940f1 rkhunter-1.3.4/files/md5blacklist.dat
4510d2228e144f80d75caef01c172095b2b4c24b rkhunter-1.3.4/files/rkhunter.conf
5c4319fe3f9acc552b7a9e973b7d081f7cb31642 rkhunter-1.3.4/files/check_port.pl
f50ab02e29a0f4eba0ebe698f2c750a3b0298009 rkhunter-1.3.4/files/CHANGELOG
951b498f71fc4a126ca435f7bce96ed8b821efb6 rkhunter-1.3.4/files/os.dat
996a29dee608374e601ecf0253e445e16506c672 rkhunter-1.3.4/files/check_update.sh
2e971f1c9f355d2172db3c5a33601b7037853ac1 rkhunter-1.3.4/files/FAQ
7fa41ed0dc8c95b48b04dab42f1eaf8031c6ce7c rkhunter-1.3.4/files/ACKNOWLEDGMENTS
5dfa5246dc1c87b05f44f9f444466ce3d0d6edec rkhunter-1.3.4/files/stat.pl
345ab306455525cf5626caadda22b5dcbf732bc1 rkhunter-1.3.4/files/LICENSE
5fc098260380362a515d32376e8d5522f1ccf716 rkhunter-1.3.4/files/readlink.sh
e158163bfe6cb414d839e91880af37611f8b5cc0 rkhunter-1.3.4/files/development/createfilehashes.pl
0c613880f3447af695ca9f9f93e158b34c2a10c3 rkhunter-1.3.4/files/development/osinformation.sh
7378fb7e91b1f7e789508e4e8d00e1e3a70ee6ff rkhunter-1.3.4/files/development/search_dead_sysmlinks.sh
d09ab61a3563122b8cd6415e3083dfe1ef285a2b rkhunter-1.3.4/files/development/i18nchk
cb4903c649ad50b79230f5a5250da82c1d9ccb0f rkhunter-1.3.4/files/development/createhashes.sh
4f4dfb87e758236cadc5ac5af67bbb35f4f63eb1 rkhunter-1.3.4/files/development/rpmprelinkhashes.sh
6b2f032d6143ed3b6ba3eae19d7921e154e69e47 rkhunter-1.3.4/files/development/createhashesall.sh
614a5d3999055a8faeecc393c5695d628e5a7675 rkhunter-1.3.4/files/development/rpmhashes.sh
ec4d60774decbb354f7aafcc2b65b1f87e000c97 rkhunter-1.3.4/files/suspscan.dat
0b0c2b2b1e6342ada9b1df48cda550e5120f0cdf rkhunter-1.3.4/files/rkhunter.8
43bca835d9c64ab2f8cf7f1a5a078bb1b7da9306 rkhunter-1.3.4/files/showfiles.pl
21d8c152e81061d37d122e3a82283448cd267e73 rkhunter-1.3.4/files/rkhunter.spec
0093470e31268c538ecacc803969819faf742dde rkhunter-1.3.4/installer.sh
rkhunter-1.3.4-fedoraconfig.patch:
--- NEW FILE rkhunter-1.3.4-fedoraconfig.patch ---
diff -Nur rkhunter-1.3.4.orig/files/rkhunter.conf rkhunter-1.3.4/files/rkhunter.conf
--- rkhunter-1.3.4.orig/files/rkhunter.conf 2008-12-30 14:23:00.000000000 -0700
+++ rkhunter-1.3.4/files/rkhunter.conf 2009-03-04 22:09:48.000000000 -0700
@@ -68,7 +68,7 @@
# NOTE: This option should be present in the configuration file.
#
#MAIL-ON-WARNING=me at mydomain root at mydomain
-MAIL-ON-WARNING=""
+MAIL-ON-WARNING="root at localhost"
#
# Specify the mail command to use if MAIL-ON-WARNING is set.
@@ -84,17 +84,17 @@
# important files will be written to this directory, so be
# sure that the directory permissions are tight.
#
-#TMPDIR=/var/lib/rkhunter/tmp
+TMPDIR=/var/lib/rkhunter/
#
# Specify the database directory to use.
#
-#DBDIR=/var/lib/rkhunter/db
+DBDIR=/var/lib/rkhunter/db
#
# Specify the script directory to use.
#
-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts
+SCRIPTDIR=/usr/share/rkhunter/scripts
#
# Specify the root directory to use.
@@ -123,13 +123,13 @@
#
# NOTE: This option should be present in the configuration file.
#
-LOGFILE=/var/log/rkhunter.log
+LOGFILE=/var/log/rkhunter/rkhunter.log
#
# Set the following option to 1 if the log file is to be appended to
# whenever rkhunter is run.
#
-APPEND_LOG=0
+APPEND_LOG=1
#
# Set the following option to enable the rkhunter check start and finish
@@ -165,7 +165,7 @@
# file, then a value here of 'yes' or 'unset' will not cause a warning.
# This option has a default value of 'no'.
#
-ALLOW_SSH_ROOT_USER=no
+ALLOW_SSH_ROOT_USER=yes
#
# Set this option to '1' to allow the use of the SSH-1 protocol, but note
@@ -205,7 +205,7 @@
# tests, the test names, and how rkhunter behaves when these options are used.
#
ENABLE_TESTS="all"
-DISABLE_TESTS="suspscan hidden_procs deleted_files packet_cap_apps"
+DISABLE_TESTS="additional_rkts suspscan hidden_procs deleted_files packet_cap_apps"
#
# The HASH_FUNC option can be used to specify the command to use
@@ -260,7 +260,7 @@
# For any file not part of a package, rkhunter will revert to using
# the HASH_FUNC hash function instead.
#
-#PKGMGR=NONE
+PKGMGR=RPM
#
# Whitelist the hash (content) for the specified files. Only useful
@@ -298,6 +298,12 @@
#SCRIPTWHITELIST=/sbin/ifup
#SCRIPTWHITELIST=/sbin/ifdown
#SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/whatis
+SCRIPTWHITELIST=/usr/bin/ldd
+SCRIPTWHITELIST=/usr/bin/groups
+SCRIPTWHITELIST=/usr/bin/GET
+SCRIPTWHITELIST=/sbin/ifup
+SCRIPTWHITELIST=/sbin/ifdown
#
# Allow the specified commands to have the immutable attribute set.
@@ -310,7 +316,7 @@
# One directory per line (use multiple ALLOWHIDDENDIR lines).
#
#ALLOWHIDDENDIR=/etc/.java
-#ALLOWHIDDENDIR=/dev/.udev
+ALLOWHIDDENDIR=/dev/.udev
#ALLOWHIDDENDIR=/dev/.udevdb
#ALLOWHIDDENDIR=/dev/.udev.tdb
#ALLOWHIDDENDIR=/dev/.static
@@ -322,9 +328,18 @@
# One file per line (use multiple ALLOWHIDDENFILE lines).
#
#ALLOWHIDDENFILE=/etc/.java
-#ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz
+ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz
#ALLOWHIDDENFILE=/etc/.pwd.lock
#ALLOWHIDDENFILE=/etc/.init.state
+#
+# Allow hmac ssh files for Fedora
+#
+ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-keyscan.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-keygen.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-add.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh-agent.hmac
+ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
#
# Allow the specified processes to use deleted files.
@@ -367,7 +382,7 @@
# ALLOWDEVFILE lines).
#
#ALLOWDEVFILE=/dev/abc
-#ALLOWDEVFILE=/dev/shm/pulse-shm-*
+ALLOWDEVFILE=/dev/shm/pulse-shm-*
#
# This setting tells rkhunter where the inetd configuration
@@ -460,7 +475,7 @@
# file. This setting will be worked out by rkhunter, and so should not
# usually need to be set.
#
-#SYSLOG_CONFIG_FILE=/etc/syslog.conf
+SYSLOG_CONFIG_FILE=/etc/syslog.conf
#
# This option permits the use of syslog remote logging.
@@ -549,7 +564,7 @@
# specified, then RKH will assume the O/S release information is on the
# first non-blank line of the file.
#
-#OS_VERSION_FILE="/etc/release"
+OS_VERSION_FILE="/etc/redhat-release"
#
# The following two options can be used to whitelist files and directories
@@ -578,3 +593,4 @@
#
#MODULES_DIR=""
+INSTALLDIR="/usr"
Index: 01-rkhunter
===================================================================
RCS file: /cvs/extras/rpms/rkhunter/EL-5/01-rkhunter,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- 01-rkhunter 17 Jun 2008 19:16:18 -0000 1.3
+++ 01-rkhunter 12 Mar 2009 04:47:10 -0000 1.4
@@ -22,7 +22,7 @@
if [ "$DIAG_SCAN" == "yes" ]; then
RKHUNTER_FLAGS="--checkall --skip-keypress --nocolors --quiet --appendlog --display-logfile"
else
- RKHUNTER_FLAGS="--cronjob --report-warnings-only"
+ RKHUNTER_FLAGS="--cronjob --nocolors --report-warnings-only"
fi
# Set a few critical parameters
@@ -33,7 +33,7 @@
if [ -x $RKHUNTER ]; then
/bin/echo -e "\n--------------------- Start Rootkit Hunter Update ---------------------" \
> $TMPFILE1
- /bin/nice -n 10 $RKHUNTER --update 2>&1 >> $TMPFILE1
+ /bin/nice -n 10 $RKHUNTER --update --nocolors 2>&1 >> $TMPFILE1
/bin/echo -e "\n---------------------- Start Rootkit Hunter Scan ----------------------" \
>> $TMPFILE1
/bin/nice -n 10 $RKHUNTER $RKHUNTER_FLAGS 2>&1 >> $TMPFILE1
@@ -42,7 +42,7 @@
>> $TMPFILE1
if [ $XITVAL != 0 ]; then
- /bin/cat $TMPFILE1 | /bin/mail -s 'rkhunter Daily Run' $MAILTO
+ /bin/cat $TMPFILE1 | /bin/mail -s "rkhunter Daily Run on $(hostname)" $MAILTO
fi
/bin/cat $TMPFILE1 >> $LOGFILE
fi
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/rkhunter/EL-5/sources,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- sources 29 Feb 2008 03:33:37 -0000 1.9
+++ sources 12 Mar 2009 04:47:10 -0000 1.10
@@ -1 +1 @@
-a00ff64d7076d6ff47ef0c9f0b6202f2 rkhunter-1.3.2.tar.gz
+31eaacc4d01ad138d1a4283f105088e6 rkhunter-1.3.4.tar.gz
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/rkhunter/EL-5/.cvsignore,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- .cvsignore 29 Feb 2008 03:33:37 -0000 1.8
+++ .cvsignore 12 Mar 2009 04:47:10 -0000 1.9
@@ -1 +1 @@
-rkhunter-1.3.2.tar.gz
+rkhunter-1.3.4.tar.gz
Index: rkhunter.spec
===================================================================
RCS file: /cvs/extras/rpms/rkhunter/EL-5/rkhunter.spec,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- rkhunter.spec 15 Sep 2008 22:25:55 -0000 1.16
+++ rkhunter.spec 12 Mar 2009 04:47:10 -0000 1.17
@@ -1,16 +1,16 @@
Name: rkhunter
-Version: 1.3.2
+Version: 1.3.4
Release: 5%{?dist}
Summary: A host-based tool to scan for rootkits, backdoors and local exploits
Group: Applications/System
License: GPLv2+
URL: http://rkhunter.sourceforge.net/
-Source0: http://downloads.sourceforge.net/rkhunter/rkhunter-1.3.2.tar.gz
-Source1: http://downloads.sourceforge.net/rkhunter/rkhunter-1.3.2.tar.gz.sha1.txt
+Source0: http://downloads.sourceforge.net/rkhunter/rkhunter-%{version}.tar.gz
+Source1: http://downloads.sourceforge.net/rkhunter/rkhunter-%{version}.tar.gz.sha1.txt
Source2: 01-rkhunter
Source3: rkhunter.sysconfig
-Patch0: rkhunter-1.3.2-debugtmp.patch
+Patch0: rkhunter-1.3.4-fedoraconfig.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -27,40 +27,7 @@
%setup -q
-%{__perl} -pi.0001 -e '
- s|^#(MAIL-ON-WARNING=).+$|$1root\@localhost|;
- s|^#(TMPDIR=).+$|$1%{_var}/run/%{name}|;
- s|^#(DBDIR=).+$|$1%{_var}/lib/%{name}/db|;
- s|^#(SCRIPTDIR=).+$|$1%{_datadir}/%{name}/scripts|;
- s|^#(PKGMGR=).+$|$1RPM|;
-%if 0%{?el4}%{?el5}
- s|^#(OS_VERSION_FILE=).+$|$1/etc/redhat-release|;
-%else
- s|^#(OS_VERSION_FILE=).+$|$1/etc/fedora-release|;
-%endif
- s|^#(ALLOWHIDDENDIR=).+$|$1/dev/.udev|;
- s|^#(ALLOWHIDDENFILE=).+$|$1/usr/share/man/man1/..1.gz|;
- s|^(APPEND_LOG=).+$|$11|;
- s|^(LOGFILE=).+$|$1/var/log/rkhunter/rkhunter.log|;
- s|^(ALLOW_SSH_ROOT_USER=).+$|$1yes|;
- s|^(DISABLE_TESTS=).+$|$1"additional_rkts suspscan hidden_procs deleted_files packet_cap_apps"|;
- ' files/%{name}.conf
-
-# Add Fedora specific configs
-echo "INSTALLDIR=%{_prefix}" >> files/%{name}.conf
-echo "SCRIPTWHITELIST=/usr/bin/whatis" >> files/%name.conf
-echo "SCRIPTWHITELIST=/usr/bin/ldd" >> files/%name.conf
-echo "SCRIPTWHITELIST=/usr/bin/groups" >> files/%name.conf
-echo "SCRIPTWHITELIST=/usr/bin/GET" >> files/%name.conf
-echo "SCRIPTWHITELIST=/sbin/ifup" >> files/%name.conf
-echo "SCRIPTWHITELIST=/sbin/ifdown" >> files/%name.conf
-# in f8/f9/f10
-%if 0%{?fc8}%{?fc9}%{?fc10}
-echo "SYSLOG_CONFIG_FILE=/etc/rsyslog.conf" >> files/%name.conf
-echo "ALLOWDEVFILE=/dev/shm/pulse-shm-*" >> files/%name.conf
-%else
-echo "SYSLOG_CONFIG_FILE=/etc/syslog.conf" >> files/%name.conf
-%endif
+%patch0 -p1
%{__cat} <<'EOF' >%{name}.logrotate
%{_localstatedir}/log/%{name}/%{name}.log {
@@ -70,8 +37,6 @@
}
EOF
-%patch0 -p1
-
%build
# Nothing to be built
@@ -139,6 +104,27 @@
%{_mandir}/man8/*
%changelog
+* Sun Mar 08 2009 Kevin Fenzi <kevin at tummy.com> - 1.3.4-5
+- Fix typo in patch file
+
+* Wed Mar 04 2009 Kevin Fenzi <kevin at tummy.com> - 1.3.4-4
+- Rework spec file
+- Add check for the new hmac ssh files
+
+* Thu Feb 26 2009 Kevin Fenzi <kevin at tummy.com> - 1.3.4-3
+- Update cron job to include hostname (thanks Manuel Wolfshant)
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Fri Jan 02 2009 Kevin Fenzi <kevin at tummy.com> - 1.3.4-1
+- Update to 1.3.4
+- Use libdir as tmp dir - bug #456340
+
+* Sat Dec 13 2008 Kevin Fenzi <kevin at tummy.com> - 1.3.2-6
+- Fix cron job sending as attachment - bug #472679
+- Fix cron job trying to send with colors - bug #475916
+
* Wed Sep 03 2008 Kevin Fenzi <kevin at tummy.com> - 1.3.2-5
- Patch debug tmp file issue - bug #460628
More information about the fedora-extras-commits
mailing list