[rkhunter] Add patch to fix ALLOWPROCDELFILE config option. fixes bug #727524

Kevin Fenzi kevin at fedoraproject.org
Fri Aug 5 22:50:37 UTC 2011 

commit 3f82808f89535c43e7168324ad1df4b832589a54
Author: Kevin Fenzi <kevin at scrye.com>
Date:   Fri Aug 5 16:50:17 2011 -0600

    Add patch to fix ALLOWPROCDELFILE config option. fixes bug #727524

 rkhunter-1.3.8-ifs.patch |   21 +++++++++++++++++++++
 rkhunter.spec            |    8 +++++++-
 2 files changed, 28 insertions(+), 1 deletions(-)
---
diff --git a/rkhunter-1.3.8-ifs.patch b/rkhunter-1.3.8-ifs.patch
new file mode 100644
index 0000000..8c7f476
--- /dev/null
+++ b/rkhunter-1.3.8-ifs.patch
@@ -0,0 +1,21 @@
+diff -Nur rkhunter-1.3.8.orig/files/rkhunter rkhunter-1.3.8/files/rkhunter
+--- rkhunter-1.3.8.orig/files/rkhunter	2011-08-05 16:44:41.771726323 -0600
++++ rkhunter-1.3.8/files/rkhunter	2011-08-05 16:42:23.620626041 -0600
+@@ -11960,6 +11960,8 @@
+ 					PROCWHITELISTED=0
+ 					PROCDELFILES_GIVEN=0
+ 
++                                        IFS=$RKHIFS
++
+ 					for RKHTMPVAR in ${ALLOWPROCDELFILES}; do
+ 						PROCDELFILES_GIVEN=0
+ 
+@@ -11983,6 +11985,8 @@
+ 						fi
+ 					done
+ 
++                                        IFS=$IFSNL
++
+ 					test $HAVE_READLINK -eq 0 && PROC="\"${PROC}\""
+ 
+ 					if [ $PROCWHITELISTED -eq 1 ]; then
diff --git a/rkhunter.spec b/rkhunter.spec
index 99002fd..de286b1 100644
--- a/rkhunter.spec
+++ b/rkhunter.spec
@@ -1,6 +1,6 @@
 Name:           rkhunter
 Version:        1.3.8
-Release:        8%{?dist}
+Release:        9%{?dist}
 Summary:        A host-based tool to scan for rootkits, backdoors and local exploits
 
 Group:          Applications/System
@@ -12,6 +12,8 @@ Source3:        rkhunter.sysconfig
 Patch0:         rkhunter-1.3.8-fedoraconfig.patch
 # Upstream in http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/files/rkhunter?r1=1.396&r2=1.397&view=patch
 Patch1:		rkhunter-1.3.8-file.patch
+# Upstream already. 
+Patch2:         rkhunter-1.3.8-ifs.patch
 BuildArch:      noarch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -30,6 +32,7 @@ and other unwanted tools.
 
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 %{__cat} <<'EOF' >%{name}.logrotate
 %{_localstatedir}/log/%{name}/%{name}.log {
@@ -96,6 +99,9 @@ EOF
 %{_mandir}/man8/*
 
 %changelog
+* Fri Aug 05 2011 Kevin Fenzi <kevin at scrye.com> - 1.3.8-9
+- Add patch to fix ALLOWPROCDELFILE config option. fixes bug #727524
+
 * Fri Jul 08 2011 Kevin Fenzi <kevin at scrye.com> - 1.3.8-8
 - Fix typo

More information about the scm-commits mailing list