[rkhunter] Drop net-tools, no longer needed. Fixes bug #784803
Kevin Fenzi
kevin at fedoraproject.org
Sat Jan 28 03:42:04 UTC 2012
commit 689a5a0a53e940c9d4af4194cb3173e0922e670d
Author: Kevin Fenzi <kevin at scrye.com>
Date: Fri Jan 27 20:42:01 2012 -0700
Drop net-tools, no longer needed. Fixes bug #784803
- Add /dev/shm/spice.* to whitelist. Fixes bug #784882
rkhunter-1.3.8-fedoraconfig.patch | 10 ++++++----
rkhunter.spec | 8 ++++++--
2 files changed, 12 insertions(+), 6 deletions(-)
---
diff --git a/rkhunter-1.3.8-fedoraconfig.patch b/rkhunter-1.3.8-fedoraconfig.patch
index 2313181..f4c15b3 100644
--- a/rkhunter-1.3.8-fedoraconfig.patch
+++ b/rkhunter-1.3.8-fedoraconfig.patch
@@ -1,6 +1,6 @@
diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.conf
--- rkhunter-1.3.8.orig/files/rkhunter.conf 2010-11-13 13:25:22.000000000 -0700
-+++ rkhunter-1.3.8/files/rkhunter.conf 2012-01-06 17:55:59.131669432 -0700
++++ rkhunter-1.3.8/files/rkhunter.conf 2012-01-27 20:41:00.295582744 -0700
@@ -94,16 +94,19 @@
# sure that the directory permissions are tight.
#
@@ -151,7 +151,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
#
# Allow the specified processes to use deleted files. The
-@@ -583,6 +629,12 @@
+@@ -583,6 +629,14 @@
#
#ALLOWDEVFILE="/dev/shm/pulse-shm-*"
#ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
@@ -161,10 +161,12 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
+ALLOWDEVFILE="/dev/shm/mono.*"
+# created by libv4l
+ALLOWDEVFILE="/dev/shm/libv4l-*"
++# created by spice video
++ALLOWDEVFILE="/dev/shm/spice.*"
#
# This setting tells rkhunter where the inetd configuration
-@@ -721,6 +773,7 @@
+@@ -721,6 +775,7 @@
# The option may be specified more than once.
#
#SUSPSCAN_DIRS="/tmp /var/tmp"
@@ -172,7 +174,7 @@ diff -Nur rkhunter-1.3.8.orig/files/rkhunter.conf rkhunter-1.3.8/files/rkhunter.
#
# Directory for temporary files. A memory-based one is better (faster).
-@@ -976,3 +1029,5 @@
+@@ -976,3 +1031,5 @@
# both programs, then disable the 'hidden_procs' test.
#
#DISABLE_UNHIDE=0
diff --git a/rkhunter.spec b/rkhunter.spec
index 8d5233d..a891179 100644
--- a/rkhunter.spec
+++ b/rkhunter.spec
@@ -1,6 +1,6 @@
Name: rkhunter
Version: 1.3.8
-Release: 12%{?dist}
+Release: 13%{?dist}
Summary: A host-based tool to scan for rootkits, backdoors and local exploits
Group: Applications/System
@@ -18,7 +18,7 @@ BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: coreutils, binutils, modutils, findutils, grep
-Requires: e2fsprogs, procps, lsof, iproute, net-tools, wget
+Requires: e2fsprogs, procps, lsof, iproute, wget
Requires: perl, perl(strict), perl(IO::Socket), mailx, logrotate
%description
@@ -101,6 +101,10 @@ EOF
%{_mandir}/man8/*
%changelog
+* Fri Jan 27 2012 Kevin Fenzi <kevin at scrye.com> 1.3.8-13
+- Drop net-tools, no longer needed. Fixes bug #784803
+- Add /dev/shm/spice.* to whitelist. Fixes bug #784882
+
* Fri Jan 06 2012 Kevin Fenzi <kevin at scrye.com> 1.3.8-12
- Add /etc/.java to whitelist. Fixes bug #770972
More information about the scm-commits
mailing list