[rkhunter] Add /usr/share/man/man5/.k5identity.5.gz to whitelisted hidden files.

Kevin Fenzi kevin at fedoraproject.org
Sat Nov 26 02:39:19 UTC 2011 

commit 6a7d33e0e0bd87a26340f831d6e8fe717913d293
Author: Kevin Fenzi <kevin at scrye.com>
Date:   Fri Nov 25 19:39:09 2011 -0700

    Add /usr/share/man/man5/.k5identity.5.gz to whitelisted hidden files.

 rkhunter-1.3.8-fedoraconfig.patch |   11 ++++++-----
 rkhunter.spec                     |    5 ++++-
 2 files changed, 10 insertions(+), 6 deletions(-)
---
diff --git a/rkhunter-1.3.8-fedoraconfig.patch b/rkhunter-1.3.8-fedoraconfig.patch
index 9938e04..e7c17b0 100644
--- a/rkhunter-1.3.8-fedoraconfig.patch
+++ b/rkhunter-1.3.8-fedoraconfig.patch
@@ -1,6 +1,6 @@
 diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.conf
 --- rkhunter-1.3.8.orig/files/rkhunter.conf	2010-11-13 13:25:22.000000000 -0700
-+++ rkhunter-1.3.8/files/rkhunter.conf	2011-07-08 09:01:31.660923511 -0600
++++ rkhunter-1.3.8/files/rkhunter.conf	2011-11-25 19:28:58.535501320 -0700
 @@ -94,16 +94,19 @@
  # sure that the directory permissions are tight.
  #
@@ -113,7 +113,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
  
  #
  # Allow the specified hidden files to be whitelisted.
-@@ -519,6 +541,29 @@
+@@ -519,6 +541,30 @@
  #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
  #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
  #ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
@@ -135,6 +135,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
 +ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
 +ALLOWHIDDENFILE=/dev/.mdadm.map
 +ALLOWHIDDENFILE=/usr/share/man/man5/.k5login.5.gz
++ALLOWHIDDENFILE=/usr/share/man/man5/.k5identity.5.gz
 +ALLOWHIDDENFILE=/usr/sbin/.ipsec.hmac
 +# etckeeper
 +ALLOWHIDDENFILE=/etc/.etckeeper
@@ -143,7 +144,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
  
  #
  # Allow the specified processes to use deleted files. The
-@@ -583,6 +628,12 @@
+@@ -583,6 +629,12 @@
  #
  #ALLOWDEVFILE="/dev/shm/pulse-shm-*"
  #ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
@@ -156,7 +157,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
  
  #
  # This setting tells rkhunter where the inetd configuration
-@@ -721,6 +772,7 @@
+@@ -721,6 +773,7 @@
  # The option may be specified more than once.
  #
  #SUSPSCAN_DIRS="/tmp /var/tmp"
@@ -164,7 +165,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
  
  #
  # Directory for temporary files. A memory-based one is better (faster).
-@@ -976,3 +1028,5 @@
+@@ -976,3 +1029,5 @@
  # both programs, then disable the 'hidden_procs' test.
  #
  #DISABLE_UNHIDE=0
diff --git a/rkhunter.spec b/rkhunter.spec
index bc942d1..8653327 100644
--- a/rkhunter.spec
+++ b/rkhunter.spec
@@ -1,6 +1,6 @@
 Name:           rkhunter
 Version:        1.3.8
-Release:        10%{?dist}
+Release:        11%{?dist}
 Summary:        A host-based tool to scan for rootkits, backdoors and local exploits
 
 Group:          Applications/System
@@ -101,6 +101,9 @@ EOF
 %{_mandir}/man8/*
 
 %changelog
+* Fri Nov 25 2011 Kevin Fenzi <kevin at scrye.com> - 1.3.8-11
+- Add /usr/share/man/man5/.k5identity.5.gz to whitelisted hidden files. 
+
 * Wed Oct 12 2011 Jim Pirzyk <jim+rpm at pirzyk.org> - 1.3.8-10
 - Update %files section so that some .dat files are marked %ghost

More information about the scm-commits mailing list