[rkhunter/el6] Add /dev/md/autorebuild.pid to ALLOWDEVFILE. Fixes bug #962809

Kevin Fenzi kevin at fedoraproject.org
Mon May 20 22:38:23 UTC 2013 

commit ae31293e2af91c8431bee5d4d38953b4879905e8
Author: Kevin Fenzi <kevin at scrye.com>
Date:   Mon May 20 16:38:14 2013 -0600

    Add /dev/md/autorebuild.pid to ALLOWDEVFILE. Fixes bug #962809

 rkhunter-1.4.0-fedoraconfig.patch |   10 ++++++----
 rkhunter.spec                     |    5 ++++-
 2 files changed, 10 insertions(+), 5 deletions(-)
---
diff --git a/rkhunter-1.4.0-fedoraconfig.patch b/rkhunter-1.4.0-fedoraconfig.patch
index 0bc24dd..f15b5f1 100644
--- a/rkhunter-1.4.0-fedoraconfig.patch
+++ b/rkhunter-1.4.0-fedoraconfig.patch
@@ -1,6 +1,6 @@
 diff -Nur rkhunter-1.4.0.orig/files/rkhunter.conf rkhunter-1.4.0/files/rkhunter.conf
 --- rkhunter-1.4.0.orig/files/rkhunter.conf	2011-12-17 14:36:02.000000000 -0700
-+++ rkhunter-1.4.0/files/rkhunter.conf	2012-05-13 11:55:13.636876200 -0600
++++ rkhunter-1.4.0/files/rkhunter.conf	2013-05-20 16:35:26.848757531 -0600
 @@ -100,16 +100,19 @@
  # sure that the directory permissions are tight.
  #
@@ -155,7 +155,7 @@ diff -Nur rkhunter-1.4.0.orig/files/rkhunter.conf rkhunter-1.4.0/files/rkhunter.
  
  #
  # Allow the specified processes to use deleted files. The
-@@ -586,6 +634,18 @@
+@@ -586,6 +634,20 @@
  #
  #ALLOWDEVFILE="/dev/shm/pulse-shm-*"
  #ALLOWDEVFILE="/dev/shm/sem.ADBE_*"
@@ -171,10 +171,12 @@ diff -Nur rkhunter-1.4.0.orig/files/rkhunter.conf rkhunter-1.4.0/files/rkhunter.
 +ALLOWDEVFILE=/dev/.udev/queue.bin
 +ALLOWDEVFILE=/dev/.udev/db/*
 +ALLOWDEVFILE=/dev/.udev/rules.d/99-root.rules
++# created by mdadm
++ALLOWDEVFILE="/dev/md/autorebuild.pid"
  
  #
  # This setting tells rkhunter where the inetd configuration
-@@ -724,6 +784,7 @@
+@@ -724,6 +786,7 @@
  # The option may be specified more than once.
  #
  #SUSPSCAN_DIRS="/tmp /var/tmp"
@@ -182,7 +184,7 @@ diff -Nur rkhunter-1.4.0.orig/files/rkhunter.conf rkhunter-1.4.0/files/rkhunter.
  
  #
  # Directory for temporary files. A memory-based one is better (faster).
-@@ -980,3 +1041,5 @@
+@@ -980,3 +1043,5 @@
  # both programs, then disable the 'hidden_procs' test.
  #
  #DISABLE_UNHIDE=0
diff --git a/rkhunter.spec b/rkhunter.spec
index 8da61e4..dc0a968 100644
--- a/rkhunter.spec
+++ b/rkhunter.spec
@@ -1,6 +1,6 @@
 Name:           rkhunter
 Version:        1.4.0
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        A host-based tool to scan for rootkits, backdoors and local exploits
 
 Group:          Applications/System
@@ -93,6 +93,9 @@ EOF
 %{_mandir}/man8/*
 
 %changelog
+* Mon May 20 2013 Kevin Fenzi <kevin at scrye.com> 1.4.0-2
+- Add /dev/md/autorebuild.pid to ALLOWDEVFILE. Fixes bug #962809
+
 * Sun May 13 2012 Kevin Fenzi <kevin at scrye.com> - 1.4.0-1
 - Update to 1.4.0

More information about the scm-commits mailing list