[rkhunter] Add patch to fix out of the box warning on rkhunter script. Fixes bug #719270 Add etckeeper and tomb
Kevin Fenzi
kevin at fedoraproject.org
Fri Jul 8 15:37:33 UTC 2011
commit 73581d58829b38dc062985ce1a8e8c5bc605b257
Author: Kevin Fenzi <kevin at scrye.com>
Date: Fri Jul 8 09:37:06 2011 -0600
Add patch to fix out of the box warning on rkhunter script.
Fixes bug #719270
Add etckeeper and tomboy files. Fixes bug #719265 and #719259
rkhunter-1.3.8-fedoraconfig.patch | 23 +++++++++++++++++------
rkhunter-1.3.8-file.patch | 21 +++++++++++++++++++++
rkhunter.spec | 10 +++++++++-
3 files changed, 47 insertions(+), 7 deletions(-)
---
diff --git a/rkhunter-1.3.8-fedoraconfig.patch b/rkhunter-1.3.8-fedoraconfig.patch
index b264a0e..aac7359 100644
--- a/rkhunter-1.3.8-fedoraconfig.patch
+++ b/rkhunter-1.3.8-fedoraconfig.patch
@@ -1,6 +1,6 @@
diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.conf
--- rkhunter-1.3.8.orig/files/rkhunter.conf 2010-11-13 13:25:22.000000000 -0700
-+++ rkhunter-1.3.8/files/rkhunter.conf 2011-06-21 15:38:05.689017234 -0600
++++ rkhunter-1.3.8/files/rkhunter.conf 2011-07-08 09:01:31.660923511 -0600
@@ -94,16 +94,19 @@
# sure that the directory permissions are tight.
#
@@ -94,7 +94,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
#
# Allow the specified commands to have the immutable attribute set.
-@@ -495,6 +505,15 @@
+@@ -495,6 +505,18 @@
#ALLOWHIDDENDIR="/dev/.initramfs"
#ALLOWHIDDENDIR="/dev/.SRC-unix"
#ALLOWHIDDENDIR="/dev/.mdadm"
@@ -107,10 +107,13 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
+ALLOWHIDDENDIR=/dev/.mdadm
+ALLOWHIDDENDIR=/dev/.systemd
+ALLOWHIDDENDIR=/dev/.mount
++# for etckeeper
++ALLOWHIDDENDIR=/etc/.git
++ALLOWHIDDENDIR=/etc/.bzr
#
# Allow the specified hidden files to be whitelisted.
-@@ -519,6 +538,25 @@
+@@ -519,6 +541,29 @@
#ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
#ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
#ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
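Review bot: The etckeeper entries are whitelisted unconditionally, so on a host that does not run etckeeper a hidden `/etc/.git` or `/etc/.bzr` directory will no longer raise rkhunter's hidden-directory warning. The same applies to the `/etc/.etckeeper`, `/etc/.gitignore` and `/etc/.bzrignore` ALLOWHIDDENFILE lines added in the next hunk. The `# for etckeeper` comment should say so, for example `# for etckeeper; comment these out if etckeeper is not installed`. Because this is a packaged default, the trade-off between fewer false warnings and a narrower hidden-file check under /etc is worth stating in the config itself.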
@@ -133,19 +136,27 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
+ALLOWHIDDENFILE=/dev/.mdadm.map
+ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
+ALLOWHIDDENFILE=/usr/sbin/.ipsec.hmac
++# etckeeper
++ALLOWHIDDENFILE=/etc/.etckeeper
++ALLOWHIDDENFILE=/etc/.gitignore
++ALLOWHIDDENFILE=/etc/.bzrignore
#
# Allow the specified processes to use deleted files. The
-@@ -583,6 +621,8 @@
+@@ -583,6 +628,12 @@
#
#ALLOWDEVFILE="/dev/shm/pulse-shm-*"
#ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
+ALLOWDEVFILE=/dev/shm/pulse-shm-*
+ALLOWDEVFILE=/dev/md/md-device-map
++# tomboy creates this one
++ALLOWDEVFILE="/dev/shm/mono.*"
++# created by libv4l
++ALLOWDEVFILE="/dev/shm/libv4l-*
#
# This setting tells rkhunter where the inetd configuration
-@@ -721,6 +761,7 @@
+@@ -721,6 +772,7 @@
# The option may be specified more than once.
#
#SUSPSCAN_DIRS="/tmp /var/tmp"
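Review bot: The added `ALLOWDEVFILE="/dev/shm/libv4l-*` line opens a double quote that is never closed. How rkhunter's config parser treats that is not visible here, so the entry may fail to match or be reported as a configuration error. The neighbouring active entries are unquoted, so `ALLOWDEVFILE=/dev/shm/libv4l-*` and `ALLOWDEVFILE=/dev/shm/mono.*` would be consistent with them. Both are wildcard entries under /dev/shm, which is normally writable by every local user, so the comments should note that any file with these name prefixes is exempted from the suspicious device-file check.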
@@ -153,7 +164,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
#
# Directory for temporary files. A memory-based one is better (faster).
-@@ -976,3 +1017,5 @@
+@@ -976,3 +1028,5 @@
# both programs, then disable the 'hidden_procs' test.
#
#DISABLE_UNHIDE=0
diff --git a/rkhunter-1.3.8-file.patch b/rkhunter-1.3.8-file.patch
new file mode 100644
index 0000000..3b35199
--- /dev/null
+++ b/rkhunter-1.3.8-file.patch
@@ -0,0 +1,21 @@
+diff -Nur rkhunter-1.3.8.orig/files/rkhunter rkhunter-1.3.8/files/rkhunter
+--- rkhunter-1.3.8.orig/files/rkhunter 2010-11-16 17:33:49.000000000 -0700
++++ rkhunter-1.3.8/files/rkhunter 2011-07-08 08:48:12.930204260 -0600
+@@ -9880,11 +9880,15 @@
+ test -n "${BASENAME_CMD}" && RKHTMPVAR=`${BASENAME_CMD} ${FNAME}` || RKHTMPVAR=`echo "${FNAME}" | sed -e 's:^.*/::'`
+
+ if [ "${RKHTMPVAR}" = "rkhunter" ]; then
+- SYSSCRIPT=`${FILE_CMD} ${FNAME} 2>&1 | tr -s ' ' ' ' | cat -v | egrep -i -v '(shell|/bin/sh) script( |$)'`
++ SYSSCRIPT=`${FILE_CMD} ${FNAME} 2>&1 | tr -s ' ' ' ' | cat -v | egrep -i -v '(shell|/bin/sh) script( |,|$)'`
+ else
+- SYSSCRIPT=`${FILE_CMD} ${FNAME} 2>&1 | tr -s ' ' ' ' | cat -v | egrep -i ' script( |$)'`
++ SYSSCRIPT=`${FILE_CMD} ${FNAME} 2>&1 | tr -s ' ' ' ' | cat -v | egrep -i ' script( |,|$)'`
+ fi
+
++
++ else
++
++
+ test -n "${SYSSCRIPT}" && TEST_RESULT="${TEST_RESULT} script"
+ fi
+ fi
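Review bot: As rendered here, the four lines this patch adds after the inner `fi` are a bare `else` surrounded by blank lines. That would move `test -n "${SYSSCRIPT}" && TEST_RESULT="${TEST_RESULT} script"` into the else branch of an enclosing `if` that starts outside the hunk. If the patch file really contains this, the script result would be recorded only on the path where SYSSCRIPT was not just computed, which would weaken the check for commands replaced by scripts. Please compare against the upstream r1.396 to r1.397 diff referenced in the spec file. The regex change to `( |,|$)` looks like the only intended edit, and indentation lost by the archive may be hiding the real content of these lines.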
diff --git a/rkhunter.spec b/rkhunter.spec
index 7a18722..4e7943d 100644
--- a/rkhunter.spec
+++ b/rkhunter.spec
@@ -1,6 +1,6 @@
Name: rkhunter
Version: 1.3.8
-Release: 6%{?dist}
+Release: 7%{?dist}
Summary: A host-based tool to scan for rootkits, backdoors and local exploits
Group: Applications/System
@@ -10,6 +10,8 @@ Source0: http://downloads.sourceforge.net/rkhunter/rkhunter-%{version}.ta
Source2: 01-rkhunter
Source3: rkhunter.sysconfig
Patch0: rkhunter-1.3.8-fedoraconfig.patch
+# Upstream in http://rkhunter.cvs.sourceforge.net/viewvc/rkhunter/rkhunter/files/rkhunter?r1=1.396&r2=1.397&view=patch
+Patch1: rkhunter-1.3.8-file.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -27,6 +29,7 @@ and other unwanted tools.
%setup -q
%patch0 -p1
+%patch1 -p1
%{__cat} <<'EOF' >%{name}.logrotate
%{_localstatedir}/log/%{name}/%{name}.log {
@@ -93,6 +96,11 @@ EOF
%{_mandir}/man8/*
%changelog
+* Fri Jul 08 2011 Kevin Fenzi <kevin at scrye.com> - 1.3.8-7
+- Add patch to fix out of the box warning on rkhunter script.
+- Fixes bug #719270
+- Add etckeeper and tomboy files. Fixes bug #719265 and #719259
+
* Tue Jun 21 2011 Kevin Fenzi <kevin at scrye.com> - 1.3.8-6
- Change ssh check back to 2 - bug #596775
- Drop hard Requires on prelink. It will be used if present - bug #714067