Changes of Revision 30
[-] | Added | ix-rkhunter.changes |
2 +------------------------------------------------------------------- 3 +Thu Sep 8 17:27:53 UTC 2011 - cs@linux-administrator.com 4 + 5 +- changed e-mail address to rkhunter@internetx.de 6 + 7 +------------------------------------------------------------------- 8 +Tue Jan 18 08:08:05 UTC 2011 - cs@linux-administrator.com 9 + 10 +- added amandaclient to xinetd whitelist 11 + 12 |
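Review bot: The two entries in ix-rkhunter.changes do not line up with the spec's %changelog. The Jan 18 2011 entry "added amandaclient to xinetd whitelist" has no counterpart there: the spec goes straight from 1.3.8-1 (Dec 26 2010) to 1.3.8-2 (Sep 08 2011). Neither log records that the package files were renamed from rkhunter.* to ix-rkhunter.*. A whitelist addition changes what the scanner stays quiet about, so it should be traceable to a release: add the missing %changelog entry (with a Release bump if it shipped separately) and a line for the rename.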
[+] | Deleted | rkhunter.changes ^ |
@@ -1,10 +0,0 @@ -------------------------------------------------------------------- -Thu Sep 8 17:27:53 UTC 2011 - cs@linux-administrator.com - -- changed e-mail address to rkhunter@internetx.de - -------------------------------------------------------------------- -Tue Jan 18 08:08:05 UTC 2011 - cs@linux-administrator.com - -- added amandaclient to xinetd whitelist - | ||
[-] | Added | ix-rkhunter.spec ^ |
2 +# norootforbuild 3 +# usedforbuild aaa_base acl attr audit-libs autoconf automake bash bind-libs bind-utils binutils bison bzip2 coreutils cpio cpp cpp41 cracklib cvs cyrus-sasl db diffutils e2fsprogs file filesystem fillup findutils flex gawk gcc gcc41 gdbm gdbm-devel gettext gettext-devel glibc glibc-devel glibc-locale gpm grep groff gzip info insserv klogd less libacl libattr libcom_err libgcc41 libltdl libmudflap41 libnscd libstdc++41 libtool libvolume_id libxcrypt libzio linux-kernel-headers m4 make man mktemp module-init-tools ncurses ncurses-devel net-tools netcfg openldap2-client openssl pam pam-modules patch perl permissions popt procinfo procps psmisc pwdutils rcs readline rpm sed strace sysvinit tar tcpd texinfo timezone unzip util-linux vim zlib zlib-devel 4 + 5 +%define realname rkhunter 6 +Name: ix-rkhunter 7 +URL: http://www.rootkit.nl/ 8 +License: GNU General Public License (GPL) 9 +Group: System/Monitoring 10 +Autoreqprov: on 11 +Summary: Rootkit Scans for Rootkits, Backdoors, and Local Exploits 12 +Version: 1.3.8 13 +Release: 2 14 +Source0: http://downloads.rootkit.nl/%{realname}-%{version}.tar.bz2 15 +#Patch0: %{realname}-10.0_os.dat.patch 16 +Patch1: %{realname}-config-%{version}.patch 17 +Patch2: %{realname}-%{version}-installer.patch 18 +Requires: coreutils wget 19 +BuildRoot: %{_tmppath}/%{name}-%{version}-build 20 + 21 +%description 22 +Rootkit scanner is scanning tool that can give you 99.9% certainty that 23 +your system is clean of nasty tools. 
This tool scans for rootkits, 24 +backdoors, and local exploits by running tests like: 25 + 26 +- Comparing MD5 hashes 27 + 28 +- Looking for default files used by rootkits 29 + 30 +- Checking for wrong file permissions for binaries 31 + 32 +- Looking for suspected strings in LKM and KLD modules 33 + 34 +- Looking for hidden files 35 + 36 +- Optionally scanning within plain text and binary files 37 + 38 +- Checking software versions 39 + 40 +- Testing applications 41 + 42 + 43 + 44 +Authors: 45 +-------- 46 + Michael Boelen <michael@rootkit.nl> 47 + 48 +%debug_package 49 +%prep 50 +%setup -q -n %{realname}-%{version} 51 +##%patch0 -p1 52 +%patch1 -p1 53 +%patch2 54 +%build 55 + 56 +%install 57 +./installer.sh --layout RPM --install 58 +%if 0%{?suse_version} 59 +mkdir -p ${RPM_BUILD_ROOT}/%{_docdir} 60 +mv ${RPM_BUILD_ROOT}/usr/share/doc/%{realname}-%{version} ${RPM_BUILD_ROOT}%{_docdir} 61 +%endif 62 +cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf 63 +%{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf 64 +# Only root should use rkhunter (at least for now) 65 +#%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}/usr/share/rkhunter 66 +%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db 67 +# make a cron.daily file to mail us the reports 68 +%{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily" 69 +%{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/ix-rkhunter" <<EOF 70 +#!/bin/sh 71 +%{_bindir}/rkhunter --quiet --update 72 +%{_bindir}/rkhunter --quiet --cronjob --nomow 73 +EOF 74 +%{__chmod} a+rwx,g-w,o-w ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/ix-rkhunter 75 + 76 +%post 77 +%{_bindir}/rkhunter --quiet --propupd 78 + 79 +%clean 80 +[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] \ 81 + && rm -rf $RPM_BUILD_ROOT 82 + 83 +%files 84 +%defattr(-,root,root,-) 85 +%{_bindir}/rkhunter 86 +%doc %{_docdir}/rkhunter-%{version} 87 +%{_mandir}/man8/* 88 +%dir %{_libdir}/rkhunter 89 +%{_libdir}/rkhunter/scripts 90 +%dir 
%{_var}/lib/rkhunter 91 +%dir %{_var}/lib/rkhunter/tmp 92 +%{_var}/lib/rkhunter/db 93 +%config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf 94 +%attr(755,root,root) %{_sysconfdir}/cron.daily/ix-rkhunter 95 + 96 +%changelog -n rkhunter 97 +* Thu Sep 08 2011 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-2 98 +- changed e-mail address to rkhunter@internetx.de 99 + 100 +* Sun Dec 26 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-1 101 +- new upstream release 1.3.8 102 +- reworked all patches for new version 103 + 104 +* Mon Dec 20 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-4 105 +- updated script whitelist with files for ksplice 106 + 107 +* Wed May 05 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-3 108 +- updated rkhunter configuration 109 + 110 +* Thu Apr 22 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-2 111 +- updated rkhunter configuration 112 + 113 +* Sun Nov 29 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-1 114 +- new upstream release 1.3.6 115 + - New IGNORE_PRELINK_DEP_ERR configuration option in case of persistent prelink dependency errors. 116 + - New USER_FILEPROP_FILES_DIRS configuration option to add files and directories to the file properties check. 117 + - New COPY_LOG_ON_ERROR configuration option to copy the log file if any errors or warnings have occurred. 118 + - New WEBCMD configuration option to specify the command used to download data file updates from the Internet. 119 + - Rkhunter will look for configuration options in the main configuration file, and then in the local configuration file if it exists. 120 + - New SHARED_LIB_WHITELIST configuration option for whitelisting preloaded shared libraries. 121 + - New WARN_ON_OS_CHANGE configuration option. If unset then no warnings will be shown. 122 + - New UPDT_ON_OS_CHANGE configuration option. If set and the O/S has changed then rkhunter will automatically update properties ('rkhunter –propupd'). 
123 + - Added support for hash functions SHA224, SHA256, SHA384 and SHA512 using CPAN perl modules Digest-SHA-PurePerl or SHA256. 124 + - New UPDATE_LANG configuration option. 125 + - New ALLOWPROMISCIF configuration option. 126 + - New PKGMGR_NO_VRFY configuration option for fine-grained package manager verification process control. 127 + - Rootkit checks added: Adore Rootkit (aka strings.o aka Dextenea) cb, CX, Fu, iLLogiC, ld-linuxv.so.1, 'Spanish', trNkit, Xzibit, ZK. 128 + - Updated rootkit / malware checks: Ambient (ark), beX2, BOBkit, Dica-kit, Dreams, Enye LKM, evil strings test, Fleakit, FreeBSD, Phalanx2, SHV4, Universal (URK). 129 + 130 +* Thu Jan 01 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.4-1 131 +- new upstream release 1.3.4 132 + - Added IntoXonia-NG rootkit check. 133 + - Added Phalanx2 rootkit check. 134 + - Added support for TCB shadow files. 135 + - The '--propupd' option can now take an optional file, directory or package name after it. 136 + - Revised file properties inode check. 137 + - Improved the O/S name detection. 138 + - Improved hidden files and directories check. 139 + - Improved debug file option. 140 + 141 +* Fri May 30 2008 Carsten Schoene <cs@linux-administrator.com> 142 +- new upstream release 1.3.2 143 + - Socklog and rsyslog daemons support. 144 + - IRIX/IRIX64 support. 145 + - Application version check errors mostly ignored. 146 + - Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1. 147 + - Application check whitelisting. 148 + - 'pflog' checked for all *BSD now. 149 + - Correct scanning of /dev in LAZY mode. 150 + - Whitelisted passwordless account names logged. 151 + - Corrected obtaining process names in Solaris. 152 + - Unset MANPATH for .spec (OpenSuSE). 153 + - Correct hidden files/directories test behaviour. 154 + - Cater for those using fdesc/fdescfs. 
155 + 156 +* Tue Jan 15 2008 Carsten Schoene <cs@linux-administrator.com> 157 +- reworked all patches 158 +- changed installation to installers RPM mode 159 +- internetx specific configuration changes 160 + 161 +* Wed Nov 22 2006 - meissner@suse.de 162 +- use correct string for i586. #223221 163 +* Thu Nov 16 2006 - meissner@suse.de 164 +- Detect openSUSE as product correctly. #216053 165 +- renamed cron script to have "suse.de-" prefix. 166 +* Tue Nov 07 2006 - meissner@suse.de 167 +- Include the current database from upstream. #216053 168 +- daily cron script to mode 755 169 +* Wed Jul 19 2006 - meissner@suse.de 170 +- New version 1.2.8 171 + - some hashes and version updated 172 + - small fixes 173 +- Added SUSE Linux 10 hashes 174 +* Thu Mar 23 2006 - meissner@suse.de 175 +- detect 10.1. #148471 176 +* Wed Jan 25 2006 - mls@suse.de 177 +- converted neededforbuild to BuildRequires 178 +* Thu Dec 01 2005 - meissner@suse.de 179 +- Order ALLOW* directives in the right section. 180 +- Do not |mail in a cronjob, just let cron do it for itself. 181 +- Quiet down output so it usually should not mail. 182 +- Enable MAIL_ON_WARNING, send mail to root. #132683 183 +* Wed Sep 07 2005 - meissner@suse.de 184 +- ignore /etc/.pwd.lock, /etc/.java too. #115128 185 +* Thu Aug 18 2005 - meissner@suse.de 186 +- recognize 10.0, ignore /dev/.udevdb/. 187 +* Fri Aug 12 2005 - meissner@suse.de 188 +- Use /usr/share/rkhunter instead of /usr/%%_lib/rkhunter. 189 +- Fixed some other problems. 190 +* Mon Jul 11 2005 - meissner@suse.de 191 +- Initial import of rkhunter 1.2.7. 192 |
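Review bot: The %post scriptlet runs `%{_bindir}/rkhunter --quiet --propupd` on every install and every upgrade, which rewrites the file-properties baseline with nobody reviewing it. If binaries on the host were already altered when the package is updated, their current state is recorded as known-good and the file-properties check in the daily `--cronjob` run will no longer flag them. Consider restricting the call to first install (`[ "$1" -eq 1 ]` in %post) or dropping it and documenting a manual `--propupd` after the system has been verified. Two smaller points in %install and %clean: `%{__chmod} a+rwx,g-w,o-w` is a roundabout 755 that %files already sets with `%attr(755,root,root)`, and `$RPM_BUILD_ROOT` is unquoted in `[ -d $RPM_BUILD_ROOT ]` and `rm -rf $RPM_BUILD_ROOT`.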
[+] | Deleted | rkhunter.spec ^ |
@@ -1,190 +0,0 @@ -# norootforbuild -# usedforbuild aaa_base acl attr audit-libs autoconf automake bash bind-libs bind-utils binutils bison bzip2 coreutils cpio cpp cpp41 cracklib cvs cyrus-sasl db diffutils e2fsprogs file filesystem fillup findutils flex gawk gcc gcc41 gdbm gdbm-devel gettext gettext-devel glibc glibc-devel glibc-locale gpm grep groff gzip info insserv klogd less libacl libattr libcom_err libgcc41 libltdl libmudflap41 libnscd libstdc++41 libtool libvolume_id libxcrypt libzio linux-kernel-headers m4 make man mktemp module-init-tools ncurses ncurses-devel net-tools netcfg openldap2-client openssl pam pam-modules patch perl permissions popt procinfo procps psmisc pwdutils rcs readline rpm sed strace sysvinit tar tcpd texinfo timezone unzip util-linux vim zlib zlib-devel - -%define realname rkhunter -Name: ix-rkhunter -URL: http://www.rootkit.nl/ -License: GNU General Public License (GPL) -Group: System/Monitoring -Autoreqprov: on -Summary: Rootkit Scans for Rootkits, Backdoors, and Local Exploits -Version: 1.3.8 -Release: 2 -Source0: http://downloads.rootkit.nl/%{realname}-%{version}.tar.bz2 -#Patch0: %{realname}-10.0_os.dat.patch -Patch1: %{realname}-config-%{version}.patch -Patch2: %{realname}-%{version}-installer.patch -Requires: coreutils wget -BuildRoot: %{_tmppath}/%{name}-%{version}-build - -%description -Rootkit scanner is scanning tool that can give you 99.9% certainty that -your system is clean of nasty tools. 
This tool scans for rootkits, -backdoors, and local exploits by running tests like: - -- Comparing MD5 hashes - -- Looking for default files used by rootkits - -- Checking for wrong file permissions for binaries - -- Looking for suspected strings in LKM and KLD modules - -- Looking for hidden files - -- Optionally scanning within plain text and binary files - -- Checking software versions - -- Testing applications - - - -Authors: --------- - Michael Boelen <michael@rootkit.nl> - -%debug_package -%prep -%setup -q -n %{realname}-%{version} -##%patch0 -p1 -%patch1 -p1 -%patch2 -%build - -%install -./installer.sh --layout RPM --install -%if 0%{?suse_version} -mkdir -p ${RPM_BUILD_ROOT}/%{_docdir} -mv ${RPM_BUILD_ROOT}/usr/share/doc/%{realname}-%{version} ${RPM_BUILD_ROOT}%{_docdir} -%endif -cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf -%{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf -# Only root should use rkhunter (at least for now) -#%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}/usr/share/rkhunter -%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db -# make a cron.daily file to mail us the reports -%{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily" -%{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/ix-rkhunter" <<EOF -#!/bin/sh -%{_bindir}/rkhunter --quiet --update -%{_bindir}/rkhunter --quiet --cronjob --nomow -EOF -%{__chmod} a+rwx,g-w,o-w ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/ix-rkhunter - -%post -%{_bindir}/rkhunter --quiet --propupd - -%clean -[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] \ - && rm -rf $RPM_BUILD_ROOT - -%files -%defattr(-,root,root,-) -%{_bindir}/rkhunter -%doc %{_docdir}/rkhunter-%{version} -%{_mandir}/man8/* -%dir %{_libdir}/rkhunter -%{_libdir}/rkhunter/scripts -%dir %{_var}/lib/rkhunter -%dir %{_var}/lib/rkhunter/tmp -%{_var}/lib/rkhunter/db -%config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf -%attr(755,root,root) %{_sysconfdir}/cron.daily/ix-rkhunter - 
-%changelog -n rkhunter -* Thu Sep 08 2011 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-2 -- changed e-mail address to rkhunter@internetx.de - -* Sun Dec 26 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.8-1 -- new upstream release 1.3.8 -- reworked all patches for new version - -* Mon Dec 20 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-4 -- updated script whitelist with files for ksplice - -* Wed May 05 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-3 -- updated rkhunter configuration - -* Thu Apr 22 2010 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-2 -- updated rkhunter configuration - -* Sun Nov 29 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.6-1 -- new upstream release 1.3.6 - - New IGNORE_PRELINK_DEP_ERR configuration option in case of persistent prelink dependency errors. - - New USER_FILEPROP_FILES_DIRS configuration option to add files and directories to the file properties check. - - New COPY_LOG_ON_ERROR configuration option to copy the log file if any errors or warnings have occurred. - - New WEBCMD configuration option to specify the command used to download data file updates from the Internet. - - Rkhunter will look for configuration options in the main configuration file, and then in the local configuration file if it exists. - - New SHARED_LIB_WHITELIST configuration option for whitelisting preloaded shared libraries. - - New WARN_ON_OS_CHANGE configuration option. If unset then no warnings will be shown. - - New UPDT_ON_OS_CHANGE configuration option. If set and the O/S has changed then rkhunter will automatically update properties ('rkhunter –propupd'). - - Added support for hash functions SHA224, SHA256, SHA384 and SHA512 using CPAN perl modules Digest-SHA-PurePerl or SHA256. - - New UPDATE_LANG configuration option. - - New ALLOWPROMISCIF configuration option. - - New PKGMGR_NO_VRFY configuration option for fine-grained package manager verification process control. 
- - Rootkit checks added: Adore Rootkit (aka strings.o aka Dextenea) cb, CX, Fu, iLLogiC, ld-linuxv.so.1, 'Spanish', trNkit, Xzibit, ZK. - - Updated rootkit / malware checks: Ambient (ark), beX2, BOBkit, Dica-kit, Dreams, Enye LKM, evil strings test, Fleakit, FreeBSD, Phalanx2, SHV4, Universal (URK). - -* Thu Jan 01 2009 Carsten Schoene <cs@linux-administrator.com> - 1.3.4-1 -- new upstream release 1.3.4 - - Added IntoXonia-NG rootkit check. - - Added Phalanx2 rootkit check. - - Added support for TCB shadow files. - - The '--propupd' option can now take an optional file, directory or package name after it. - - Revised file properties inode check. - - Improved the O/S name detection. - - Improved hidden files and directories check. - - Improved debug file option. - -* Fri May 30 2008 Carsten Schoene <cs@linux-administrator.com> -- new upstream release 1.3.2 - - Socklog and rsyslog daemons support. - - IRIX/IRIX64 support. - - Application version check errors mostly ignored. - - Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1. - - Application check whitelisting. - - 'pflog' checked for all *BSD now. - - Correct scanning of /dev in LAZY mode. - - Whitelisted passwordless account names logged. - - Corrected obtaining process names in Solaris. - - Unset MANPATH for .spec (OpenSuSE). - - Correct hidden files/directories test behaviour. - - Cater for those using fdesc/fdescfs. - -* Tue Jan 15 2008 Carsten Schoene <cs@linux-administrator.com> -- reworked all patches -- changed installation to installers RPM mode -- internetx specific configuration changes - -* Wed Nov 22 2006 - meissner@suse.de -- use correct string for i586. #223221 -* Thu Nov 16 2006 - meissner@suse.de -- Detect openSUSE as product correctly. #216053 -- renamed cron script to have "suse.de-" prefix. -* Tue Nov 07 2006 - meissner@suse.de -- Include the current database from upstream. 
#216053 -- daily cron script to mode 755 -* Wed Jul 19 2006 - meissner@suse.de -- New version 1.2.8 - - some hashes and version updated - - small fixes -- Added SUSE Linux 10 hashes -* Thu Mar 23 2006 - meissner@suse.de -- detect 10.1. #148471 -* Wed Jan 25 2006 - mls@suse.de -- converted neededforbuild to BuildRequires -* Thu Dec 01 2005 - meissner@suse.de -- Order ALLOW* directives in the right section. -- Do not |mail in a cronjob, just let cron do it for itself. -- Quiet down output so it usually should not mail. -- Enable MAIL_ON_WARNING, send mail to root. #132683 -* Wed Sep 07 2005 - meissner@suse.de -- ignore /etc/.pwd.lock, /etc/.java too. #115128 -* Thu Aug 18 2005 - meissner@suse.de -- recognize 10.0, ignore /dev/.udevdb/. -* Fri Aug 12 2005 - meissner@suse.de -- Use /usr/share/rkhunter instead of /usr/%%_lib/rkhunter. -- Fixed some other problems. -* Mon Jul 11 2005 - meissner@suse.de -- Initial import of rkhunter 1.2.7. |