[logwatch] Add rhhunter patch (rhbz#818926)

jsynacek jsynacek at fedoraproject.org
Wed Jun 27 06:31:54 UTC 2012


commit 93c0c98f502ffa39189364de29ae12b6c6e2172b
Author: Jan Synacek <jsynacek at redhat.com>
Date:   Wed Jun 27 08:17:20 2012 +0200

    Add rhhunter patch (rhbz#818926)

 logwatch-rkhunter.patch |   43 +++++++++++++++++++++++++++++++++++++++++++
 logwatch.spec           |    8 +++++++-
 2 files changed, 50 insertions(+), 1 deletions(-)
---
diff --git a/logwatch-rkhunter.patch b/logwatch-rkhunter.patch
new file mode 100644
index 0000000..29b2ff9
--- /dev/null
+++ b/logwatch-rkhunter.patch
@@ -0,0 +1,43 @@
+Index: scripts/services/secure
+===================================================================
+--- scripts/services/secure	(revision 110)
++++ scripts/services/secure	(working copy)
+@@ -180,6 +180,7 @@
+ $PwdChange = 0;
+ $RequestKeyFailures = 0;
+ %OtherList = ();
++%RootkitHunter = ();
+ use Logwatch ':ip';
+ 
+ while (defined($ThisLine = <STDIN>)) {
+@@ -519,6 +520,14 @@
+         $e='';
+      }
+      $KerbList{$response}{$type}{$from}{$service}{$client}{$e}++;
++   } elsif ($ThisLine =~ /Rootkit Hunter:/ ) {
++      if ($ThisLine =~ /Please inspect this machine/) {
++         $RootkitHunter{'inspect'}++;
++      } elsif ($ThisLine =~ /check started/) {
++         $RootkitHunter{'runs'}++;
++      } elsif (my ($mins, $secs) = ($ThisLine =~ /Scanning took ([0-9]*) minutes? and ([0-9]*) seconds?/)) {
++         $RootkitHunter{'time'}+= $mins*60 + $secs;
++      }
+    } else {
+       # Unmatched entries...
+       $ThisLine =~ s/\[\d+\]:/:/;
+@@ -908,6 +917,15 @@
+    }
+ }
+ 
++if (keys %RootkitHunter) {
++   use integer;
++   my ($mins, $secs) = ($RootkitHunter{'time'} / 60, $RootkitHunter{'time'} % 60);
++   print "\nRootkitHunter:\n";
++   print "   Runs: $RootkitHunter{'runs'}\n";
++   print "   Suggested Inspection: $RootkitHunter{'inspect'} Time(s)\n";
++   print "   Total Runtime: $mins minute(s) $secs second(s)\n";
++}
++
+ if (keys %OtherList) {
+    print "\n**Unmatched Entries**\n";
+    foreach $line (sort {$a cmp $b} keys %OtherList) {
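Review bot: Rootkit Hunter lines that match none of the three inner patterns are silently dropped, because the inner `if`/`elsif` chain under `/Rootkit Hunter:/` has no final `else`; any other rkhunter message, such as a differently worded warning, is neither counted nor shown under the unmatched entries. Ending the chain with `} else { $OtherList{$ThisLine}++; }` would keep those lines visible, assuming that is how the outer `else` branch records them; that branch and the surrounding `elsif` chain continue outside the visible context. In the report block, `$RootkitHunter{'runs'}` and `$RootkitHunter{'inspect'}` are undefined when no such line was seen, so "Suggested Inspection" prints an empty count instead of 0. A line such as `$RootkitHunter{$_} ||= 0 for qw(runs inspect time);` at the top of that block would fix this. The duration pattern would also be safer with `[0-9]+` in place of `[0-9]*`, so that an empty capture is never used in the arithmetic.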
diff --git a/logwatch.spec b/logwatch.spec
index 40145d0..ed13072 100644
--- a/logwatch.spec
+++ b/logwatch.spec
@@ -1,7 +1,7 @@
 Summary: A log file analysis program
 Name: logwatch
 Version: 7.4.0
-Release: 13.20120619svn110%{?dist}
+Release: 14.20120619svn110%{?dist}
 License: MIT
 Group: Applications/System
 URL: http://www.logwatch.org/
@@ -23,6 +23,8 @@ Patch5: logwatch-xntpd.patch
 Patch6: logwatch-smartd.patch
 Patch7: logwatch-dovecot.patch
 Patch8: logwatch-sshd.patch
+# Rootkit Hunter patch - not applied by upstream
+Patch9: logwatch-rkhunter.patch
 Requires: textutils sh-utils grep mailx
 Requires: perl(Date::Manip)
 Requires: perl(Sys::CPU)
@@ -45,6 +47,7 @@ of the package on many systems.
 %patch6 -p1
 %patch7 -p0
 %patch8 -p1
+%patch9 -p0
 rm -f scripts/services/*.orig
 
 %build
@@ -136,6 +139,9 @@ echo "# Configuration overrides for specific logfiles/services may be placed her
 %{_mandir}/man*/*
 
 %changelog
+* Wed Jun 27 2012 Jan Synáček <jsynacek at redhat.com> - 7.4.0-14.20120619svn110
+- Add rhhunter patch (rhbz#818926)
+
 * Tue Jun 19 2012 Jan Synáček <jsynacek at redhat.com> - 7.4.0-13.20120619svn110
 - Update to revision 110
 - Drop unnecessary patches

