Changes of Revision 17
[-] | Changed | rkhunter.spec |
x 1
2 Autoreqprov: on 3 Summary: Rootkit Scans for Rootkits, Backdoors, and Local Exploits 4 Version: 1.3.6 5 -Release: 1 6 +Release: 2 7 Source0: http://downloads.rootkit.nl/%{realname}-%{version}.tar.bz2 8 #Patch0: %{realname}-10.0_os.dat.patch 9 -Patch1: %{realname}-config.patch 10 +Patch1: %{realname}-config-%{version}.patch 11 Patch2: %{realname}-%{version}-installer.patch 12 Requires: coreutils wget 13 BuildArch: noarch 14
15 %attr(755,root,root) %{_sysconfdir}/cron.daily/ix-rkhunter 16 17 %changelog -n rkhunter 18 +* Thu apr 22 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-2 19 +- updated rkhunter configuration 20 + 21 * Sun Nov 29 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-1 22 - new upstream release 1.3.6 23 - New IGNORE_PRELINK_DEP_ERR configuration option in case of persistent prelink dependency errors. 24 |
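--- a/rkhunter-config-1.3.6.patch
+++ b/rkhunter-config-1.3.6.patch
@@ -0,0 +1,113 @@
+--- rkhunter-1.3.6.orig/files/rkhunter.conf 2009-11-28 23:13:19.000000000 +0100
++++ rkhunter-1.3.6/files/rkhunter.conf 2010-04-22 10:29:12.878085047 +0200
+@@ -71,7 +71,7 @@
+ # NOTE: This option should be present in the configuration file.
+ #
+ #MAIL-ON-WARNING=me@mydomain root@mydomain
+-MAIL-ON-WARNING=""
++MAIL-ON-WARNING=sudreport@internetx.de
+
+ #
+ # Specify the mail command to use if MAIL-ON-WARNING is set.
+@@ -196,7 +196,7 @@
+ # file, then a value here of 'yes' or 'unset' will not cause a warning.
+ # This option has a default value of 'no'.
+ #
+-ALLOW_SSH_ROOT_USER=no
++ALLOW_SSH_ROOT_USER=yes
+
+ #
+ # Set this option to '1' to allow the use of the SSH-1 protocol, but note
+@@ -299,7 +299,7 @@
+ #
+ # Whenever this option is changed 'rkhunter --propupd' must be run.
+ #
+-#PKGMGR=NONE
++PKGMGR=RPM
+
+ #
+ # It is possible that a file which is part of a package may be modified
+@@ -392,10 +392,12 @@
+ # Allow the specified commands to be scripts.
+ # One command per line (use multiple SCRIPTWHITELIST lines).
+ #
+-#SCRIPTWHITELIST=/sbin/ifup
+-#SCRIPTWHITELIST=/sbin/ifdown
+-#SCRIPTWHITELIST=/usr/bin/groups
+-
++SCRIPTWHITELIST=/sbin/ifup
++SCRIPTWHITELIST=/sbin/ifdown
++SCRIPTWHITELIST=/usr/bin/groups
++SCRIPTWHITELIST=/usr/bin/whatis
++SCRIPTWHITELIST=/usr/bin/ldd
++SCRIPTWHITELIST=/usr/bin/GET
+ #
+ # Allow the specified commands to have the immutable attribute set.
+ # One command per line (use multiple IMMUTWHITELIST lines).
+@@ -406,11 +408,11 @@
+ # Allow the specified hidden directories.
+ # One directory per line (use multiple ALLOWHIDDENDIR lines).
+ #
+-#ALLOWHIDDENDIR=/etc/.java
+-#ALLOWHIDDENDIR=/dev/.udev
++ALLOWHIDDENDIR=/etc/.java
++ALLOWHIDDENDIR=/dev/.udev
+ #ALLOWHIDDENDIR=/dev/.udevdb
+ #ALLOWHIDDENDIR=/dev/.udev.tdb
+-#ALLOWHIDDENDIR=/dev/.static
++ALLOWHIDDENDIR=/dev/.static
+ #ALLOWHIDDENDIR=/dev/.initramfs
+ #ALLOWHIDDENDIR=/dev/.SRC-unix
+ #ALLOWHIDDENDIR=/dev/.mdadm
+@@ -420,15 +422,15 @@
+ # One file per line (use multiple ALLOWHIDDENFILE lines).
+ #
+ #ALLOWHIDDENFILE=/etc/.java
+-#ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz
+-#ALLOWHIDDENFILE=/etc/.pwd.lock
++ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz
++ALLOWHIDDENFILE=/etc/.pwd.lock
+ #ALLOWHIDDENFILE=/etc/.init.state
+ #ALLOWHIDDENFILE=/lib/.libcrypto.so.0.9.8e.hmac
+ #ALLOWHIDDENFILE=/lib/.libcrypto.so.6.hmac
+ #ALLOWHIDDENFILE=/lib/.libssl.so.0.9.8e.hmac
+ #ALLOWHIDDENFILE=/lib/.libssl.so.6.hmac
+-#ALLOWHIDDENFILE=/usr/bin/.fipscheck.hmac
+-#ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
++ALLOWHIDDENFILE=/usr/bin/.fipscheck.hmac
++ALLOWHIDDENFILE=/usr/bin/.ssh.hmac
+ #ALLOWHIDDENFILE=/usr/lib/.libfipscheck.so.1.1.0.hmac
+ #ALLOWHIDDENFILE=/usr/lib/.libfipscheck.so.1.hmac
+ #ALLOWHIDDENFILE=/usr/lib/.libgcrypt.so.11.hmac
+@@ -436,7 +438,7 @@
+ #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha256hmac.hmac
+ #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha384hmac.hmac
+ #ALLOWHIDDENFILE=/usr/lib/hmaccalc/sha512hmac.hmac
+-#ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
++ALLOWHIDDENFILE=/usr/sbin/.sshd.hmac
+
+ #
+ # Allow the specified processes to use deleted files.
+@@ -546,7 +548,12 @@
+ # Only one service (file) per line (use multiple XINETD_ALLOWED_SVC lines).
+ #
+ #XINETD_ALLOWED_SVC=/etc/xinetd.d/echo
+-
++XINETD_ALLOWED_SVC=/etc/xinetd.d/ftp_psa
++XINETD_ALLOWED_SVC=/etc/xinetd.d/smtp_psa
++XINETD_ALLOWED_SVC=/etc/xinetd.d/smtps_psa
++XINETD_ALLOWED_SVC=/etc/xinetd.d/poppassd_psa
++XIENTD_ALLOWED_SVC=/etc/xinetd.d/submission_psa
++XIENTD_ALLOWED_SVC=/etc/xinetd.d/nrpe
+ #
+ # This option tells rkhunter the local system startup file pathnames.
+ # It is a space-separated list of files and directories. The directories
+@@ -605,7 +612,7 @@
+ #
+ # Note above that for the Apache web server, the name 'httpd' is used.
+ #
+-#APP_WHITELIST=""
++APP_WHITELIST="httpd:2.2.3 named:9.3.6-P1 openssl:0.9.8e php:5.1.6 sshd:4.3p2"
+
+ #
+ # Scan for suspicious files in directories containing temporary files and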
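Review bot: The last two entries added in the `@@ -546,7 +548,12 @@` hunk are spelled `XIENTD_ALLOWED_SVC`, so rkhunter will not read them as `XINETD_ALLOWED_SVC` and the two services presumably stay un-whitelisted (or the lines are reported as unknown options). They should read `XINETD_ALLOWED_SVC=/etc/xinetd.d/submission_psa` and `XINETD_ALLOWED_SVC=/etc/xinetd.d/nrpe`. Separately, `ALLOW_SSH_ROOT_USER=yes` and the version-pinned `APP_WHITELIST="httpd:2.2.3 … sshd:4.3p2"` become the packaged default, which suppresses the root-login and outdated-application warnings on every host that installs this RPM. Each deserves a comment line above it giving the reason and a review trigger, for example `# versions carry distro-backported fixes (assumed); re-check on every package update`. The hard-coded `MAIL-ON-WARNING` recipient has the same packaging concern, since warning reports from any install would go to that one address unless the admin edits the file.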