Hello community,
here is the log from the commit of package rkhunter
checked in at Fri Apr 4 01:14:17 CEST 2008.
--------
--- rkhunter/rkhunter.changes 2006-11-22 19:58:36.000000000 +0100
+++ /mounts/work_src_done/NOARCH/rkhunter/rkhunter.changes 2008-04-03 19:42:46.000000000 +0200
@@ -1,0 +2,38 @@
+Thu Apr 3 19:41:37 CEST 2008 - lrupp@suse.de
+
+- update to 1.3.2:
+ The changelog lists 3 additions, 6 changes and 14 bugfixes.
+ Naming a few:
+ + Socklog and rsyslog daemons support.
+ + Application version check errors mostly ignored.
+ + Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1.
+ + Application check whitelisting.
+ + Correct scanning of /dev in LAZY mode.
+ + Whitelisted passwordless account names logged.
+ + Corrected obtaining process names in Solaris.
+ + Correct hidden files/directories test behaviour.
+ + Cater for those using fdesc/fdescfs.
+
+-------------------------------------------------------------------
+Wed Feb 6 13:51:10 CET 2008 - lrupp@suse.de
+
+- update to 1.3.0:
+ - many new features
+ (needs testing)
+
+-------------------------------------------------------------------
+Wed Nov 28 17:17:47 CET 2007 - lrupp@suse.de
+
+- newdb.tar.bz2 updated
+- rkhunter-10.3.patch adapted
+
+-------------------------------------------------------------------
+Fri Jun 01 17:31:19 CET 2007 - lrupp@suse.de
+
+- update to 1.29
+- improved the cronjob
+- added sysconfig file for cronjob
+- add /var/log/rkhunter.log as %ghost
+- add hashupd.sh to scripts directory
+
+-------------------------------------------------------------------
Old:
----
newdb.tar.bz2
rkhunter-10.0.patch
rkhunter-1.2.8.tar.gz
New:
----
rkhunter-1.3.2.tar.bz2
rkhunter.cron
rkhunter-installer.patch
rkhunter.logrotate
rkhunter-README.SuSE
rkhunter.sysconfig
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rkhunter.spec ++++++
--- /var/tmp/diff_new_pack.vU6145/_old 2008-04-04 01:14:03.000000000 +0200
+++ /var/tmp/diff_new_pack.vU6145/_new 2008-04-04 01:14:03.000000000 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package rkhunter (Version 1.2.8)
+# spec file for package rkhunter (Version 1.3.2)
#
-# Copyright (c) 2006 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
@@ -10,42 +10,54 @@
# norootforbuild
+
Name: rkhunter
-URL: http://www.rootkit.nl/
-License: GNU General Public License (GPL)
+Url: http://rkhunter.sourceforge.net/
+License: GPL v2 or later
Group: System/Monitoring
-Autoreqprov: on
-Summary: Rootkit Scans for Rootkits, Backdoors, and Local Exploits
-Version: 1.2.8
-Release: 23
-Source0: http://downloads.rootkit.nl/%{name}-%{version}.tar.gz
-# Got via rkhunter --update, then packed from /var/lib/rkhunter/
-Source1: newdb.tar.bz2
-Patch0: rkhunter-10.0.patch
-Requires: coreutils wget
+Summary: Rootkit Hunter Scans for Rootkits, Backdoors, and Local Exploits
+Version: 1.3.2
+Release: 1
+AutoReqProv: no
BuildArch: noarch
+PreReq: %fillup_prereq
+# BuildRequires: wget
+Requires: bash cron findutils
+%if 0%{?suse_version} >= 1010
+Recommends: logrotate wget netcfg
+%else
+Requires: logrotate wget
+%endif
+Source0: %{name}-%{version}.tar.bz2
+# Got via rkhunter --update, then packed from /var/lib/rkhunter/
+Source2: rkhunter.sysconfig
+Source3: rkhunter.cron
+Source5: rkhunter-README.SuSE
+Source6: rkhunter.logrotate
+Patch0: rkhunter-installer.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
-Rootkit scanner is scanning tool that can give you 99.9% certainty that
-your system is clean of nasty tools. This tool scans for rootkits,
-backdoors, and local exploits by running tests like:
+Rootkit Hunter scans files and systems for known and unknown rootkits,
+backdoors, and sniffers. The package contains one shell script, a few
+text-based databases, and optional Perl modules. This tool scans for
+rootkits, backdoors, and local exploits by running tests like:
-- Comparing MD5 hashes
+* Comparing MD5 hashes
-- Looking for default files used by rootkits
+* Looking for default files used by rootkits
-- Checking for wrong file permissions for binaries
+* Checking for wrong file permissions for binaries
-- Looking for suspected strings in LKM and KLD modules
+* Looking for suspected strings in LKM and KLD modules
-- Looking for hidden files
+* Looking for hidden files
-- Optionally scanning within plain text and binary files
+* Optionally scanning within plain text and binary files
-- Checking software versions
+* Checking software versions
-- Testing applications
+* Testing applications
@@ -54,10 +66,7 @@
Michael Boelen
%prep
-%setup -q -n %{name}
-# updated database
-tar xf %{SOURCE1}
-mv db/* files
+%setup -q
%patch0 -p1
%build
@@ -65,103 +74,121 @@
mv files/rkhunter.new files/rkhunter
%install
-# Well... This could be a bit smaller if the install
-# script was able to handle DSTDIR for example...
-%{__mkdir} -p ${RPM_BUILD_ROOT}%{_bindir}
-%{__mkdir} -p ${RPM_BUILD_ROOT}%{_sysconfdir}
-%{__mkdir} -p ${RPM_BUILD_ROOT}/usr/share
-%{__mkdir} -p ${RPM_BUILD_ROOT}/usr/share/rkhunter/scripts
-%{__mkdir} -p ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}
-%{__mkdir} -p ${RPM_BUILD_ROOT}%{_mandir}/man8
-%{__mkdir} -p ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/{db,tmp}
-%{__chmod} ug+rwx,o-rwx ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/tmp
-%{__install} -m750 -p files/rkhunter ${RPM_BUILD_ROOT}%{_bindir}/
-%{__install} -m640 -p files/backdoorports.dat ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db/
-%{__install} -m640 -p files/defaulthashes.dat ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db/
-%{__install} -m640 -p files/mirrors.dat ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db/
-%{__install} -m640 -p files/os.dat ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db/
-%{__install} -m640 -p files/md5blacklist.dat ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db/
-%{__install} -m640 -p files/programs_bad.dat ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db/
-%{__install} -m640 -p files/programs_good.dat ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db/
-%{__install} -m644 -p files/CHANGELOG ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/
-%{__install} -m644 -p files/LICENSE ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/
-%{__install} -m644 -p files/README ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/
-%{__install} -m644 -p files/WISHLIST ${RPM_BUILD_ROOT}%{_docdir}/rkhunter-%{version}/
-%{__install} -m644 -p files/development/*.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/
-%{__install} -m750 -p files/check_modules.pl ${RPM_BUILD_ROOT}/usr/share/rkhunter/scripts/
-%{__install} -m750 -p files/check_port.pl ${RPM_BUILD_ROOT}/usr/share/rkhunter/scripts/
-%{__install} -m750 -p files/filehashmd5.pl ${RPM_BUILD_ROOT}/usr/share/rkhunter/scripts/
-%{__install} -m750 -p files/filehashsha1.pl ${RPM_BUILD_ROOT}/usr/share/rkhunter/scripts/
-%{__install} -m750 -p files/showfiles.pl ${RPM_BUILD_ROOT}/usr/share/rkhunter/scripts/
-%{__install} -m750 -p files/check_update.sh ${RPM_BUILD_ROOT}/usr/share/rkhunter/scripts/
-# (cjo) Put installation root in configuration file, then copy the rest
-# of the file from the original.
-cat > ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf << EOF
-## Next three lines installed automatically by RPM. Do not change
-## unless you know what you're doing...
-INSTALLDIR=%{_prefix}
-DBDIR=%{_var}/lib/rkhunter/db
-TMPDIR=%{_var}/lib/rkhunter/tmp
-EOF
-cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
-%{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
-# Only root should use rkhunter (at least for now)
-%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}/usr/share/rkhunter
-%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db
-# make a cron.daily file to mail us the reports
-%{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily"
-%{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/suse.de-rkhunter" < ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf.new
+mv ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf.new ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
+for i in ifup-lo if-lo network config-lo new-stamp-2; do
+ echo "ALLOWDEVFILE=/dev/shm/sysconfig/$i" >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
+done
+for i in $(seq 0 9); do
+ echo "ALLOWDEVFILE=/dev/shm/sysconfig/ifup-eth$i" >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
+ echo "ALLOWDEVFILE=/dev/shm/sysconfig/if-eth$i" >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
+ echo "ALLOWDEVFILE=/dev/shm/sysconfig/config-eth$i" >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
+done
+# install ghost file
+mkdir -p ${RPM_BUILD_ROOT}/var/log
+touch ${RPM_BUILD_ROOT}/var/log/rkhunter.log
%clean
[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] \
&& rm -rf $RPM_BUILD_ROOT
-%files
-%defattr(-,root,root,-)
-%{_bindir}/rkhunter
-%dir /usr/share/rkhunter
-%doc %{_docdir}/rkhunter-%{version}
-%{_mandir}/man8/*
-/usr/share/rkhunter/scripts
-%dir %{_var}/lib/rkhunter
-%dir %{_var}/lib/rkhunter/tmp
-%{_var}/lib/rkhunter/db
-%config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf
-%attr(755,root,root) %{_sysconfdir}/cron.daily/suse.de-rkhunter
+%post
+%{fillup_only}
-%changelog -n rkhunter
-* Wed Nov 22 2006 - meissner@suse.de
+%files
+%defattr(644,root,root,755)
+%doc %{_mandir}/man8/%{name}.8*
+%doc %{_defaultdocdir}/%name
+%dir %{_prefix}/lib/%{name}
+%dir %{_prefix}/lib/%{name}/scripts
+%dir %{_var}/lib/%{name}
+%dir %{_var}/lib/%{name}/db
+%dir %{_var}/lib/%{name}/db/i18n
+%dir %{_var}/lib/%{name}/tmp
+%defattr(640,root,root,-)
+%config(noreplace) %{_sysconfdir}/%{name}.conf
+%verify(not md5 size mtime) %{_var}/lib/%{name}/db/*.dat
+%{_var}/lib/%{name}/db/i18n/*
+%{_sysconfdir}/logrotate.d/rkhunter
+/var/adm/fillup-templates/sysconfig.rkhunter
+%ghost %verify(not md5 size mtime) %config(noreplace)/var/log/rkhunter.log
+%defattr(750,root,root,-)
+%{_prefix}/bin/%{name}
+%{_sysconfdir}/cron.daily/suse.de-rkhunter
+%{_prefix}/lib/%{name}/scripts/*.pl
+%{_prefix}/lib/%{name}/scripts/*.sh
+
+%changelog
+* Thu Apr 03 2008 lrupp@suse.de
+- update to 1.3.2:
+ The changelog lists 3 additions, 6 changes and 14 bugfixes.
+ Naming a few:
+ + Socklog and rsyslog daemons support.
+ + Application version check errors mostly ignored.
+ + Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1.
+ + Application check whitelisting.
+ + Correct scanning of /dev in LAZY mode.
+ + Whitelisted passwordless account names logged.
+ + Corrected obtaining process names in Solaris.
+ + Correct hidden files/directories test behaviour.
+ + Cater for those using fdesc/fdescfs.
+* Wed Feb 06 2008 lrupp@suse.de
+- update to 1.3.0:
+ - many new features
+ (needs testing)
+* Wed Nov 28 2007 lrupp@suse.de
+- newdb.tar.bz2 updated
+- rkhunter-10.3.patch adapted
+* Fri Jun 01 2007 lrupp@suse.de
+- update to 1.29
+- improved the cronjob
+- added sysconfig file for cronjob
+- add /var/log/rkhunter.log as %%ghost
+- add hashupd.sh to scripts directory
+* Wed Nov 22 2006 meissner@suse.de
- use correct string for i586. #223221
-* Thu Nov 16 2006 - meissner@suse.de
+* Thu Nov 16 2006 meissner@suse.de
- Detect openSUSE as product correctly. #216053
- renamed cron script to have "suse.de-" prefix.
-* Tue Nov 07 2006 - meissner@suse.de
+* Tue Nov 07 2006 meissner@suse.de
- Include the current database from upstream. #216053
- daily cron script to mode 755
-* Wed Jul 19 2006 - meissner@suse.de
+* Wed Jul 19 2006 meissner@suse.de
- New version 1.2.8
- some hashes and version updated
- small fixes
- Added SUSE Linux 10 hashes
-* Thu Mar 23 2006 - meissner@suse.de
+* Thu Mar 23 2006 meissner@suse.de
- detect 10.1. #148471
-* Wed Jan 25 2006 - mls@suse.de
+* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
-* Thu Dec 01 2005 - meissner@suse.de
+* Thu Dec 01 2005 meissner@suse.de
- Order ALLOW* directives in the right section.
- Do not |mail in a cronjob, just let cron do it for itself.
- Quiet down output so it usually should not mail.
- Enable MAIL_ON_WARNING, send mail to root. #132683
-* Wed Sep 07 2005 - meissner@suse.de
+* Wed Sep 07 2005 meissner@suse.de
- ignore /etc/.pwd.lock, /etc/.java too. #115128
-* Thu Aug 18 2005 - meissner@suse.de
+* Thu Aug 18 2005 meissner@suse.de
- recognize 10.0, ignore /dev/.udevdb/.
-* Fri Aug 12 2005 - meissner@suse.de
+* Fri Aug 12 2005 meissner@suse.de
- Use /usr/share/rkhunter instead of /usr/%%_lib/rkhunter.
- Fixed some other problems.
-* Mon Jul 11 2005 - meissner@suse.de
+* Mon Jul 11 2005 meissner@suse.de
- Initial import of rkhunter 1.2.7.
++++++ rkhunter-installer.patch ++++++
Index: rkhunter-1.3.0/installer.sh
===================================================================
--- rkhunter-1.3.0.orig/installer.sh
+++ rkhunter-1.3.0/installer.sh
@@ -166,7 +166,7 @@ case "$1" in
esac
;;
RPM) if [ -n "${RPM_BUILD_ROOT}" ]; then
- PREFIX="${RPM_BUILD_ROOT}/usr/local"
+ PREFIX="${RPM_BUILD_ROOT}/usr"
else
echo "RPM prefix chosen but \$RPM_BUILD_ROOT variable not found, exiting."
exit 1
@@ -202,7 +202,7 @@ case "$1" in
case "$1" in
custom_*)
if [ "`uname -m`" = "x86_64" ]; then
- LIBDIR="${PREFIX}/lib64"
+ LIBDIR="${PREFIX}/lib"
else
LIBDIR="${PREFIX}/lib"
fi
@@ -210,7 +210,7 @@ case "$1" in
SHAREDIR="${PREFIX}/share"; BINDIR="${PREFIX}/bin"
;;
RPM) if [ "`uname -m`" = "x86_64" ]; then
- LIBDIR="${PREFIX}/lib64"
+ LIBDIR="${PREFIX}/lib"
else
LIBDIR="${PREFIX}/lib"
fi
@@ -219,7 +219,7 @@ case "$1" in
;;
*)
if [ -d "${PREFIX}/lib64" ]; then
- LIBDIR="${PREFIX}/lib64"
+ LIBDIR="${PREFIX}/lib"
else
LIBDIR="${PREFIX}/lib"
fi
@@ -249,7 +249,7 @@ if [ "${RKHINST_LAYOUT}" = "oldschool" ]
else
RKHINST_DB_DIR="${VARDIR}/lib/${APPNAME}/db"
RKHINST_TMP_DIR="${VARDIR}/lib/${APPNAME}/tmp"
- RKHINST_DOC_DIR="${SHAREDIR}/doc/${APPNAME}-${APPVERSION}"
+ RKHINST_DOC_DIR="${SHAREDIR}/doc/packages/${APPNAME}"
fi
RKHINST_MAN_DIR="${SHAREDIR}/man/man8"
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org