Hello community,
here is the log from the commit of package lynis for openSUSE:Factory checked in at 2013-12-13 11:58:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lynis (Old)
and /work/SRC/openSUSE:Factory/.lynis.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lynis"
Changes:
--------
--- /work/SRC/openSUSE:Factory/lynis/lynis.changes 2013-06-24 09:34:47.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2013-12-13 11:58:39.000000000 +0100
@@ -1,0 +2,38 @@
+Wed Dec 11 20:14:06 UTC 2013 - saigkill@opensuse.org
+
+- updated to version 1.3.7
+- Changelog:
+ * FileExists() and SearchItem() functions were added. The yum-security
+ check and iptables binary check were improved, and the report was
+ extended to show which tests have been executed or skipped
+- updated patch
+ * lynis_1.3.7_include-test-filesystem.diff
+
+-------------------------------------------------------------------
+Tue Dec 10 18:46:14 UTC 2013 - saigkill@opensuse.org
+
+- updated to version 1.3.6
+- Removed patches (obsolete):
+ * lynis_1.3.5_include_binaries.diff
+
+- Updated patches
+ * lynis_1.3.6_include_osdetection.diff
+ * lynis_1.3.6_include-test-kernel.diff
+
+-------------------------------------------------------------------
+Sun Nov 24 14:29:06 UTC 2013 - saigkill@opensuse.org
+
+- updated to version 1.3.5
+
+- Updated patches:
+ o lynis_1.3.1_lynis.diff
+ o lynis_1.3.1_include_binaries.diff
+ o lynis_1.3.1_include-osdetection.diff
+ o lynis_1.3.1_include-test-kernel.diff
+
+- Removed patches (obsolete)
+ o lynis_1.3.1_include-test-databases.diff
+ o lynis_1.3.1_include-test-storage.diff
+ o lynis_1.3.1_include-test-homedirs.diff
+
+-------------------------------------------------------------------
Old:
----
lynis-1.3.0.tar.bz2
lynis_1.3.0_include-osdetection.diff
lynis_1.3.0_include-test-databases.diff
lynis_1.3.0_include-test-filesystem.diff
lynis_1.3.0_include-test-homedirs.diff
lynis_1.3.0_include-test-kernel.diff
lynis_1.3.0_include-test-storage.diff
lynis_1.3.0_include_binaries.diff
lynis_1.3.0_include_consts.diff
lynis_1.3.0_lynis.diff
New:
----
lynis-1.3.7.tar.gz
lynis_1.3.1_include_consts.diff
lynis_1.3.5_lynis.diff
lynis_1.3.6_include-osdetection.diff
lynis_1.3.6_include-test-kernel.diff
lynis_1.3.7_include-test-filesystem.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lynis.spec ++++++
--- /var/tmp/diff_new_pack.KjDiEx/_old 2013-12-13 11:58:41.000000000 +0100
+++ /var/tmp/diff_new_pack.KjDiEx/_new 2013-12-13 11:58:41.000000000 +0100
@@ -2,7 +2,7 @@
# spec file for package lynis
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
-# Copyright (c) 2009-2011 Sascha Manns
+# Copyright (c) 2009-2013 Sascha Manns
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,19 +17,22 @@
#
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
+#
+
%define _includedir /usr/share/lynis/include
%define _pluginsdir /usr/share/lynis/plugins
%define _dbdir /usr/share/lynis/db
%define _bindir /usr/bin
Name: lynis
-Version: 1.3.0
+Version: 1.3.7
Release: 1
Summary: Security and System auditing tool
License: GPL-3.0
Group: System/Monitoring
Url: http://www.rootkit.nl/projects/lynis.html
-Source0: %{name}-%{version}.tar.bz2
+Source0: http://cisofy.com/files/%{name}-%{version}.tar.gz
Source1: default.prf
Source2: tests_binary_rpath
Source3: tests_file_permissionsDB
@@ -43,18 +46,12 @@
Source11: dbus-whitelist.db.openSUSE_12.2_x86_64
Source12: fileperms.db.openSUSE_12.2_x86_64
# PATCH-OPENSUSE-FIX -- thomas@novell.com - modifying for openSUSE
-Patch0: %{name}_%{version}_lynis.diff
-# PATCH-OPENSUSE-FIX -- thomas@novell.com - modifying for openSUSE
-Patch2: %{name}_%{version}_include_consts.diff
-# PATCH-OPENSUSE-FIX -- thomas@novell.com - modifying for openSUSE
-Patch3: %{name}_%{version}_include_binaries.diff
+Patch0: %{name}_1.3.5_lynis.diff
# PATCH-OPENSUSE-FIX -- thomas@novell.com - modifying for openSUSE
-Patch4: %{name}_%{version}_include-test-databases.diff
-Patch5: %{name}_%{version}_include-osdetection.diff
-Patch6: %{name}_%{version}_include-test-filesystem.diff
-Patch7: %{name}_%{version}_include-test-kernel.diff
-Patch8: %{name}_%{version}_include-test-storage.diff
-Patch9: %{name}_%{version}_include-test-homedirs.diff
+Patch2: %{name}_1.3.1_include_consts.diff
+Patch5: %{name}_1.3.6_include-osdetection.diff
+Patch6: %{name}_1.3.7_include-test-filesystem.diff
+Patch7: %{name}_1.3.6_include-test-kernel.diff
BuildRequires: gcc-c++
BuildRequires: libxml2-devel
PreReq: %fillup_prereq
@@ -82,15 +79,10 @@
%prep
%setup -q
%patch0
-#%patch1
%patch2
-%patch3
-%patch4
-%patch5 -p1
-%patch6 -p1
-%patch7 -p1
-%patch8 -p1
-%patch9 -p1
+%patch5
+%patch6
+%patch7
%build
@@ -130,8 +122,9 @@
#ln -s $(basename %{SOURCE11}) %{_dbdir}/dbus-whitelist.db
#ln -s $(basename %{SOURCE12}) %{_dbdir}/fileperms.db
-%clean
-%__rm -rf %{buildroot}
+# pacify rpmlint
+#rm %{buildroot}%{_includedir}/tests_filesystems.orig
+chmod +x %{buildroot}%{_pluginsdir}/custom_plugin.template
%files
%defattr(-,root,root)
++++++ lynis_1.3.0_include_consts.diff -> lynis_1.3.1_include_consts.diff ++++++
++++++ lynis_1.3.0_lynis.diff -> lynis_1.3.5_lynis.diff ++++++
--- /work/SRC/openSUSE:Factory/lynis/lynis_1.3.0_lynis.diff 2012-02-29 14:08:29.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis_1.3.5_lynis.diff 2013-12-13 11:58:39.000000000 +0100
@@ -2,30 +2,15 @@
===================================================================
--- lynis.orig
+++ lynis
-@@ -464,6 +464,14 @@ REPORT_version="${REPORT_version_major}.
- #
- #################################################################################
- #
+@@ -512,7 +512,10 @@
+ webservers ssh snmp databases ldap php squid logging \
+ insecure_services banners scheduling accounting \
+ time crypto virtualization mac_frameworks file_integrity hardening_tools \
+- malware file_permissions homedirs kernel_hardening hardening"
++ malware file_permissions file_permissionsDB homedirs kernel_hardening hardening \
++ system_dbus users_wo_password binary_rpath tmp_symlinks file_permissions_ww \
++ system_proc network_allowed_ports"
+
-+#
-+#################################################################################
-+#
-+ # init totl number of files
-+ FILE_NUM_TOTAL=$(find / -xdev \( -type f -o -type d -o -type s -o -type b -type p -o -type c \) | wc -l | cut -d' ' -f1)
-+
-+
- # Test sections
- if [ "${TESTS_CATEGORY_TO_PERFORM}" = "" ]; then
- #YYY insert plugin support
-@@ -474,7 +482,9 @@ REPORT_version="${REPORT_version_major}.
- webservers ssh snmp databases ldap php squid logging \
- insecure_services banners scheduling accounting \
- time crypto virtualization mac_frameworks file_integrity hardening_tools \
-- malware file_permissions homedirs kernel_hardening hardening"
-+ malware file_permissions file_permissionsDB homedirs kernel_hardening hardening \
-+ system_dbus users_wo_password binary_rpath tmp_symlinks file_permissions_ww \
-+ system_proc network_allowed_ports"
else
INCLUDE_TESTS="${TESTS_CATEGORY_TO_PERFORM}"
- fi
-
+ logtext "Info: only performing tests from categories: ${TESTS_CATEGORY_TO_PERFORM}"
++++++ lynis_1.3.0_include-osdetection.diff -> lynis_1.3.6_include-osdetection.diff ++++++
--- /work/SRC/openSUSE:Factory/lynis/lynis_1.3.0_include-osdetection.diff 2013-01-14 09:43:11.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis_1.3.6_include-osdetection.diff 2013-12-13 11:58:40.000000000 +0100
@@ -1,12 +1,13 @@
-diff -ENbru lynis-1.3.0/include/osdetection lynis-1.3.0_suse/include/osdetection
---- lynis-1.3.0/include/osdetection 2011-12-25 15:56:38.000000000 +0100
-+++ lynis-1.3.0_suse/include/osdetection 2013-01-10 13:22:29.836598135 +0100
-@@ -157,7 +157,7 @@
- if [ -e "/etc/yellowdog-release" ]; then OS_FULLNAME=`cat /etc/yellowdog-release`; fi
+Index: include/osdetection
+===================================================================
+--- include/osdetection.orig
++++ include/osdetection
+@@ -242,7 +242,7 @@
+ OS_NAME="${LINUX_VERSION}"
+ fi
+ # If Linux version (full name) is unknown, use uname value
+- if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=`uname -s -r`; fi
++ #if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=`uname -s -r`; fi
+ SYSCTL_READKEY="sysctl -n"
- # If Linux version is unknown, use uname value
-- if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=`uname -s -r`; fi
-+ #if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=`uname -s -r`; fi
- SYSCTL_READKEY="sysctl -n"
-
- ;;
+ ;;
++++++ lynis_1.3.0_include-test-kernel.diff -> lynis_1.3.6_include-test-kernel.diff ++++++
--- /work/SRC/openSUSE:Factory/lynis/lynis_1.3.0_include-test-kernel.diff 2013-01-14 09:43:11.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis_1.3.6_include-test-kernel.diff 2013-12-13 11:58:40.000000000 +0100
@@ -1,12 +1,13 @@
-diff -ENbru lynis-1.3.0/include/tests_kernel lynis-1.3.0_suse/include/tests_kernel
---- lynis-1.3.0/include/tests_kernel 2011-12-25 15:56:11.000000000 +0100
-+++ lynis-1.3.0_suse/include/tests_kernel 2013-01-10 11:54:16.288498525 +0100
-@@ -280,7 +280,7 @@
-
- # Sysctl option
- logtext "Test: Checking sysctl value of fs.suid_dumpable"
-- FIND=`sysctl fs.suid_dumpable | awk '{ if ($1=="fs.suid_dumplable") { print $3 } }'`
-+ FIND=`/sbin/sysctl fs.suid_dumpable | awk '{ if ($1=="fs.suid_dumplable") { print $3 } }'`
- logtext "Result: value ${FIND} found"
- if [ "${FIND}" = "1" ]; then
- logtext "Result: setuid programs can perform core dumps"
+Index: include/tests_kernel
+===================================================================
+--- include/tests_kernel.orig
++++ include/tests_kernel
+@@ -324,7 +324,7 @@
+
+ # Sysctl option
+ logtext "Test: Checking sysctl value of fs.suid_dumpable"
+- FIND=`sysctl fs.suid_dumpable | awk '{ if ($1=="fs.suid_dumpable") { print $3 } }'`
++ FIND=`/sbin/sysctl fs.suid_dumpable | awk '{ if ($1=="fs.suid_dumpable") { print $3 } }'`
+ logtext "Result: value ${FIND} found"
+ if [ "${FIND}" = "2" ]; then
+ logtext "Result: programs can dump core dump, but only readable by root (value 2, for debugging with file protection)"
++++++ lynis_1.3.0_include-test-filesystem.diff -> lynis_1.3.7_include-test-filesystem.diff ++++++
--- /work/SRC/openSUSE:Factory/lynis/lynis_1.3.0_include-test-filesystem.diff 2013-01-14 09:43:11.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.lynis.new/lynis_1.3.7_include-test-filesystem.diff 2013-12-13 11:58:40.000000000 +0100
@@ -1,11 +1,13 @@
---- lynis-1.3.0/include/tests_filesystems 2011-12-25 15:55:27.000000000 +0100
-+++ lynis-1.3.0_suse/include/tests_filesystems 2013-01-10 11:56:13.279292980 +0100
-@@ -314,7 +314,7 @@
- if [ ! "${FIND1}" = "" ]; then
- logtext "Result: found ${FIND1}"
- logtext "Test: Checking default options on ${FIND1}"
-- FIND2=`tune2fs -l ${FIND1} | grep "^Default mount options" | grep "acl"`
-+ FIND2=`/sbin/tune2fs -l ${FIND1} | grep "^Default mount options" | grep "acl"`
- if [ ! "${FIND2}" = "" ]; then
- logtext "Result: found ACL option in default mount options"
- FOUND=1
+Index: include/tests_filesystems
+===================================================================
+--- include/tests_filesystems.orig
++++ include/tests_filesystems
+@@ -342,7 +342,7 @@
+ if [ ! "${FIND1}" = "" ]; then
+ logtext "Result: found ${FIND1}"
+ logtext "Test: Checking default options on ${FIND1}"
+- FIND2=`tune2fs -l ${FIND1} | grep "^Default mount options" | grep "acl"`
++ FIND2=`/sbin/tune2fs -l ${FIND1} | grep "^Default mount options" | grep "acl"`
+ if [ ! "${FIND2}" = "" ]; then
+ logtext "Result: found ACL option in default mount options"
+ FOUND=1
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org