rpms/rkhunter/EL-5 rkhunter.spec, 1.19, 1.20 rkhunter-1.3.6-fedoraconfig.patch, 1.1, 1.2
Kevin Fenzi
kevin at fedoraproject.org
Sat Jun 5 19:35:59 UTC 2010
Author: kevin
Update of /cvs/pkgs/rpms/rkhunter/EL-5
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv29755
Modified Files:
rkhunter.spec rkhunter-1.3.6-fedoraconfig.patch
Log Message:
Sync up to fedora version
Index: rkhunter.spec
===================================================================
RCS file: /cvs/pkgs/rpms/rkhunter/EL-5/rkhunter.spec,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -p -r1.19 -r1.20
--- rkhunter.spec 6 Dec 2009 19:47:47 -0000 1.19
+++ rkhunter.spec 5 Jun 2010 19:35:59 -0000 1.20
@@ -1,6 +1,6 @@
Name: rkhunter
Version: 1.3.6
-Release: 2%{?dist}
+Release: 7%{?dist}
Summary: A host-based tool to scan for rootkits, backdoors and local exploits
Group: Applications/System
@@ -95,6 +95,24 @@ EOF
%{_mandir}/man8/*
%changelog
+* Sat Jun 05 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-7
+- Add ipsec.hmac exclude - bug #560594
+
+* Fri May 28 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-6
+- Add exclude for md-device-map - bug #596731
+- Supress ssh version check - bug #596775
+
+* Sat Mar 06 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-5
+- Change config to not specify XINETD_PATH - bug #560562
+
+* Sat Jan 23 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-4
+- Change email to just root instead of root at localhost - bug #553179
+- Add .k5login.5.gz to files whitelist - bug #553134
+
+* Tue Jan 05 2010 Kevin Fenzi <kevin at tummy.com> - 1.3.6-3
+- Add some more ssh hmac files to whitelist - bug #552621
+- Re-add /dev/.mdadm.map to whitelisted files - bug #539405
+
* Tue Dec 01 2009 Kevin Fenzi <kevin at tummy.com> - 1.3.6-2
- Disable apps check by default - bug #543065
rkhunter-1.3.6-fedoraconfig.patch:
rkhunter.conf | 89 ++++++++++++++++++++++++++++++++--------------------------
1 file changed, 50 insertions(+), 39 deletions(-)
Index: rkhunter-1.3.6-fedoraconfig.patch
===================================================================
RCS file: /cvs/pkgs/rpms/rkhunter/EL-5/rkhunter-1.3.6-fedoraconfig.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- rkhunter-1.3.6-fedoraconfig.patch 6 Dec 2009 19:47:47 -0000 1.1
+++ rkhunter-1.3.6-fedoraconfig.patch 5 Jun 2010 19:35:59 -0000 1.2
@@ -1,12 +1,12 @@
diff -Nur rkhunter-1.3.6.orig/files/rkhunter.conf rkhunter-1.3.6/files/rkhunter.conf
--- rkhunter-1.3.6.orig/files/rkhunter.conf 2009-11-28 15:13:19.000000000 -0700
-+++ rkhunter-1.3.6/files/rkhunter.conf 2009-12-01 17:43:15.000000000 -0700
++++ rkhunter-1.3.6/files/rkhunter.conf 2010-06-05 12:07:58.000000000 -0600
@@ -71,7 +71,7 @@
# NOTE: This option should be present in the configuration file.
#
#MAIL-ON-WARNING=me at mydomain root at mydomain
-MAIL-ON-WARNING=""
-+MAIL-ON-WARNING="root at localhost"
++MAIL-ON-WARNING="root"
#
# Specify the mail command to use if MAIL-ON-WARNING is set.
@@ -65,6 +65,15 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
#
# Set this option to '1' to allow the use of the SSH-1 protocol, but note
+@@ -207,7 +207,7 @@
+ # configuration file, then a value of '2' may be set here in order to
+ # suppress a warning message. This option has a default value of '0'.
+ #
+-ALLOW_SSH_PROT_V1=0
++ALLOW_SSH_PROT_V1=2
+
+ #
+ # This setting tells rkhunter the directory containing the SSH configuration
@@ -236,7 +236,7 @@
# tests, the test names, and how rkhunter behaves when these options are used.
#
@@ -99,7 +108,7 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
#
# Allow the specified commands to have the immutable attribute set.
-@@ -406,37 +409,35 @@
+@@ -406,37 +409,42 @@
# Allow the specified hidden directories.
# One directory per line (use multiple ALLOWHIDDENDIR lines).
#
@@ -148,6 +157,10 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
+ALLOWHIDDENFILE=/lib/.libssl.so.6.hmac
+ALLOWHIDDENFILE=/usr/bin/.fipscheck.hmac
+ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
++ALLOWHIDDENFILE=/usr/bin/.ssh-keygen.hmac
++ALLOWHIDDENFILE=/usr/bin/.ssh-keyscan.hmac
++ALLOWHIDDENFILE=/usr/bin/.ssh-add.hmac
++ALLOWHIDDENFILE=/usr/bin/.ssh-agent.hmac
+ALLOWHIDDENFILE=/usr/lib*/.libfipscheck.so.1.1.0.hmac
+ALLOWHIDDENFILE=/usr/lib*/.libfipscheck.so.1.hmac
+ALLOWHIDDENFILE=/usr/lib*/.libgcrypt.so.11.hmac
@@ -156,10 +169,13 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha384hmac.hmac
+ALLOWHIDDENFILE=/usr/lib*/hmaccalc/sha512hmac.hmac
+ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
++ALLOWHIDDENFILE=/dev/.mdadm.map
++ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
++ALLOWHIDDENFILE=/usr/sbin/.ipsec.hmac
#
# Allow the specified processes to use deleted files.
-@@ -495,7 +496,7 @@
+@@ -495,10 +503,11 @@
# ALLOWDEVFILE lines).
#
#ALLOWDEVFILE=/dev/abc
@@ -168,16 +184,11 @@ diff -Nur rkhunter-1.3.6.orig/files/rkhu
#ALLOWDEVFILE=/dev/shm/sem.ADBE_ReadPrefs_*
#ALLOWDEVFILE=/dev/shm/sem.ADBE_REL_*
#ALLOWDEVFILE=/dev/shm/sem.ADBE_WritePrefs_*
-@@ -536,7 +537,7 @@
- # This setting tells rkhunter where the xinetd configuration
- # file is located.
- #
--#XINETD_CONF_PATH=/etc/xinetd.conf
-+XINETD_CONF_PATH=/etc/xinetd.conf
++ALLOWDEVFILE=/dev/md/md-device-map
#
- # Allow the following enabled xinetd services. Whilst it would be
-@@ -822,3 +823,5 @@
+ # This setting tells rkhunter where the inetd configuration
+@@ -822,3 +831,5 @@
# Enabling this feature implies you have the knowledge to interprete results properly.
#
#SCANROOTKITMODE=THOROUGH
More information about the scm-commits
mailing list