File rkhunter.spec of Package ix-rkhunter - j0ke.net Open Build Service

File rkhunter.spec of Package ix-rkhunter (Revision dbfeb64a29f54765f34fa2f5214fbea0)

Currently displaying revision dbfeb64a29f54765f34fa2f5214fbea0, show latest

# norootforbuild
# usedforbuild    aaa_base acl attr audit-libs autoconf automake bash bind-libs bind-utils binutils bison bzip2 coreutils cpio cpp cpp41 cracklib cvs cyrus-sasl db diffutils e2fsprogs file filesystem fillup findutils flex gawk gcc gcc41 gdbm gdbm-devel gettext gettext-devel glibc glibc-devel glibc-locale gpm grep groff gzip info insserv klogd less libacl libattr libcom_err libgcc41 libltdl libmudflap41 libnscd libstdc++41 libtool libvolume_id libxcrypt libzio linux-kernel-headers m4 make man mktemp module-init-tools ncurses ncurses-devel net-tools netcfg openldap2-client openssl pam pam-modules patch perl permissions popt procinfo procps psmisc pwdutils rcs readline rpm sed strace sysvinit tar tcpd texinfo timezone unzip util-linux vim zlib zlib-devel

%define	realname rkhunter
Name:           ix-rkhunter
URL:            http://www.rootkit.nl/
License:        GNU General Public License (GPL)
Group:          System/Monitoring
Autoreqprov:    on
Summary:        Rootkit Scans for Rootkits, Backdoors, and Local Exploits
Version:        1.3.4
Release:        1
Source0:        http://downloads.rootkit.nl/%{realname}-%{version}.tar.gz
Patch0:         %{realname}-10.0_os.dat.patch
Patch1:		%{realname}-config.patch
Patch2:		%{realname}-installer.patch
Requires:       coreutils wget
BuildArch:      noarch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build

%description
Rootkit scanner is scanning tool that can give you 99.9% certainty that
your system is clean of nasty tools. This tool scans for rootkits,
backdoors, and local exploits by running tests like:

- Comparing MD5 hashes

- Looking for default files used by rootkits

- Checking for wrong file permissions for binaries

- Looking for suspected strings in LKM and KLD modules

- Looking for hidden files

- Optionally scanning within plain text and binary files

- Checking software versions

- Testing applications

Authors:
--------
    Michael Boelen <michael@rootkit.nl>

%debug_package
%prep
%setup -q -n %{realname}-%{version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
%build

%install
./installer.sh --layout RPM --install
%if 0%{?suse_version}
mkdir -p ${RPM_BUILD_ROOT}/%{_docdir}
mv ${RPM_BUILD_ROOT}/usr/share/doc/%{realname}-%{version} ${RPM_BUILD_ROOT}%{_docdir}
%endif
cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
%{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
# Only root should use rkhunter (at least for now)
#%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}/usr/share/rkhunter
%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db
# make a cron.daily file to mail us the reports
%{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily"
%{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/ix-rkhunter" <<EOF
#!/bin/sh
%{_bindir}/rkhunter --quiet --update
%{_bindir}/rkhunter --quiet --cronjob --nomow
EOF
%{__chmod} a+rwx,g-w,o-w ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/ix-rkhunter

%post
%{_bindir}/rkhunter --quiet --propupd

%clean
[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] \
  && rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root,-)
%{_bindir}/rkhunter
%doc %{_docdir}/rkhunter-%{version}
%{_mandir}/man8/*
%{_libdir}/rkhunter/scripts
%dir %{_var}/lib/rkhunter
%dir %{_var}/lib/rkhunter/tmp
%{_var}/lib/rkhunter/db
%config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf
%attr(755,root,root) %{_sysconfdir}/cron.daily/ix-rkhunter

%changelog -n rkhunter
* Thu Jan 01 2009 Carsten Schoene <cs@linux-administrator.com>
- new upstream release 1.3.4
 - Added IntoXonia-NG rootkit check.
 - Added Phalanx2 rootkit check.
 - Added support for TCB shadow files.
 - The '--propupd' option can now take an optional file, directory or package name after it.
 - Revised file properties inode check.
 - Improved the O/S name detection.
 - Improved hidden files and directories check.
 - Improved debug file option.

* Fri May 30 2008 Carsten Schoene <cs@linux-administrator.com>
- new upstream release 1.3.2
 - Socklog and rsyslog daemons support.
 - IRIX/IRIX64 support.
 - Application version check errors mostly ignored.
 - Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1.
 - Application check whitelisting.
 - 'pflog' checked for all *BSD now.
 - Correct scanning of /dev in LAZY mode.
 - Whitelisted passwordless account names logged.
 - Corrected obtaining process names in Solaris.
 - Unset MANPATH for .spec (OpenSuSE).
 - Correct hidden files/directories test behaviour.
 - Cater for those using fdesc/fdescfs.

* Tue Jan 15 2008 Carsten Schoene <cs@linux-administrator.com>
- reworked all patches
- changed installation to installers RPM mode
- internetx specific configuration changes

* Wed Nov 22 2006 - meissner@suse.de
- use correct string for i586. #223221
* Thu Nov 16 2006 - meissner@suse.de
- Detect openSUSE as product correctly. #216053
- renamed cron script to have "suse.de-" prefix.
* Tue Nov 07 2006 - meissner@suse.de
- Include the current database from upstream. #216053
- daily cron script to mode 755
* Wed Jul 19 2006 - meissner@suse.de
- New version 1.2.8
	- some hashes and version updated
	- small fixes
- Added SUSE Linux 10 hashes
* Thu Mar 23 2006 - meissner@suse.de
- detect 10.1. #148471
* Wed Jan 25 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
* Thu Dec 01 2005 - meissner@suse.de
- Order ALLOW* directives in the right section.
- Do not |mail in a cronjob, just let cron do it for itself.
- Quiet down output so it usually should not mail.
- Enable MAIL_ON_WARNING, send mail to root. #132683
* Wed Sep 07 2005 - meissner@suse.de
- ignore /etc/.pwd.lock, /etc/.java too. #115128
* Thu Aug 18 2005 - meissner@suse.de
- recognize 10.0, ignore /dev/.udevdb/.
* Fri Aug 12 2005 - meissner@suse.de
- Use /usr/share/rkhunter instead of /usr/%%_lib/rkhunter.
- Fixed some other problems.
* Mon Jul 11 2005 - meissner@suse.de
- Initial import of rkhunter 1.2.7.

 
# norootforbuild
# usedforbuild    aaa_base acl attr audit-libs autoconf automake bash bind-libs bind-utils binutils bison bzip2 coreutils cpio cpp cpp41 cracklib cvs cyrus-sasl db diffutils e2fsprogs file filesystem fillup findutils flex gawk gcc gcc41 gdbm gdbm-devel gettext gettext-devel glibc glibc-devel glibc-locale gpm grep groff gzip info insserv klogd less libacl libattr libcom_err libgcc41 libltdl libmudflap41 libnscd libstdc++41 libtool libvolume_id libxcrypt libzio linux-kernel-headers m4 make man mktemp module-init-tools ncurses ncurses-devel net-tools netcfg openldap2-client openssl pam pam-modules patch perl permissions popt procinfo procps psmisc pwdutils rcs readline rpm sed strace sysvinit tar tcpd texinfo timezone unzip util-linux vim zlib zlib-devel
​
%define realname rkhunter
Name:           ix-rkhunter
URL:            http://www.rootkit.nl/
License:        GNU General Public License (GPL)
Group:          System/Monitoring
Autoreqprov:    on
Summary:        Rootkit Scans for Rootkits, Backdoors, and Local Exploits
Version:        1.3.4
Release:        1
Source0:        http://downloads.rootkit.nl/%{realname}-%{version}.tar.gz
Patch0:         %{realname}-10.0_os.dat.patch
Patch1:     %{realname}-config.patch
Patch2:     %{realname}-installer.patch
Requires:       coreutils wget
BuildArch:      noarch
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
​
%description
Rootkit scanner is scanning tool that can give you 99.9% certainty that
your system is clean of nasty tools. This tool scans for rootkits,
backdoors, and local exploits by running tests like:
​
- Comparing MD5 hashes
​
- Looking for default files used by rootkits
​
- Checking for wrong file permissions for binaries
​
- Looking for suspected strings in LKM and KLD modules
​
- Looking for hidden files
​
- Optionally scanning within plain text and binary files
​
- Checking software versions
​
- Testing applications
​
​
​
Authors:
--------
    Michael Boelen <michael@rootkit.nl>
​
%debug_package
%prep
%setup -q -n %{realname}-%{version}
%patch0 -p1
%patch1 -p1
%patch2 -p1
%build
​
%install
./installer.sh --layout RPM --install
%if 0%{?suse_version}
mkdir -p ${RPM_BUILD_ROOT}/%{_docdir}
mv ${RPM_BUILD_ROOT}/usr/share/doc/%{realname}-%{version} ${RPM_BUILD_ROOT}%{_docdir}
%endif
cat files/rkhunter.conf >> ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
%{__chmod} 640 ${RPM_BUILD_ROOT}%{_sysconfdir}/rkhunter.conf
# Only root should use rkhunter (at least for now)
#%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}/usr/share/rkhunter
%{__chmod} o-rwx -R ${RPM_BUILD_ROOT}%{_var}/lib/rkhunter/db
# make a cron.daily file to mail us the reports
%{__mkdir} -p "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily"
%{__cat} > "${RPM_BUILD_ROOT}/%{_sysconfdir}/cron.daily/ix-rkhunter" <<EOF
#!/bin/sh
%{_bindir}/rkhunter --quiet --update
%{_bindir}/rkhunter --quiet --cronjob --nomow
EOF
%{__chmod} a+rwx,g-w,o-w ${RPM_BUILD_ROOT}%{_sysconfdir}/cron.daily/ix-rkhunter
​
%post
%{_bindir}/rkhunter --quiet --propupd
​
%clean
[ "$RPM_BUILD_ROOT" != "/" ] && [ -d $RPM_BUILD_ROOT ] \
  && rm -rf $RPM_BUILD_ROOT
​
%files
%defattr(-,root,root,-)
%{_bindir}/rkhunter
%doc %{_docdir}/rkhunter-%{version}
%{_mandir}/man8/*
%{_libdir}/rkhunter/scripts
%dir %{_var}/lib/rkhunter
%dir %{_var}/lib/rkhunter/tmp
%{_var}/lib/rkhunter/db
%config(noreplace) %verify(not mtime) %{_sysconfdir}/rkhunter.conf
%attr(755,root,root) %{_sysconfdir}/cron.daily/ix-rkhunter
​
%changelog -n rkhunter
* Thu Jan 01 2009 Carsten Schoene <cs@linux-administrator.com>
- new upstream release 1.3.4
 - Added IntoXonia-NG rootkit check.
 - Added Phalanx2 rootkit check.
 - Added support for TCB shadow files.
 - The '--propupd' option can now take an optional file, directory or package name after it.
 - Revised file properties inode check.
 - Improved the O/S name detection.
 - Improved hidden files and directories check.
 - Improved debug file option.
​
* Fri May 30 2008 Carsten Schoene <cs@linux-administrator.com>
- new upstream release 1.3.2
 - Socklog and rsyslog daemons support.
 - IRIX/IRIX64 support.
 - Application version check errors mostly ignored.
 - Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1.
 - Application check whitelisting.
 - 'pflog' checked for all *BSD now.
 - Correct scanning of /dev in LAZY mode.
 - Whitelisted passwordless account names logged.
 - Corrected obtaining process names in Solaris.
 - Unset MANPATH for .spec (OpenSuSE).
 - Correct hidden files/directories test behaviour.
 - Cater for those using fdesc/fdescfs.
​
* Tue Jan 15 2008 Carsten Schoene <cs@linux-administrator.com>
- reworked all patches
- changed installation to installers RPM mode
- internetx specific configuration changes
​
* Wed Nov 22 2006 - meissner@suse.de
- use correct string for i586. #223221
* Thu Nov 16 2006 - meissner@suse.de
- Detect openSUSE as product correctly. #216053
- renamed cron script to have "suse.de-" prefix.
* Tue Nov 07 2006 - meissner@suse.de
- Include the current database from upstream. #216053
- daily cron script to mode 755
* Wed Jul 19 2006 - meissner@suse.de
- New version 1.2.8
    - some hashes and version updated
    - small fixes
- Added SUSE Linux 10 hashes
* Thu Mar 23 2006 - meissner@suse.de
- detect 10.1. #148471
* Wed Jan 25 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
* Thu Dec 01 2005 - meissner@suse.de
- Order ALLOW* directives in the right section.
- Do not |mail in a cronjob, just let cron do it for itself.
- Quiet down output so it usually should not mail.
- Enable MAIL_ON_WARNING, send mail to root. #132683
* Wed Sep 07 2005 - meissner@suse.de
- ignore /etc/.pwd.lock, /etc/.java too. #115128
* Thu Aug 18 2005 - meissner@suse.de
- recognize 10.0, ignore /dev/.udevdb/.
* Fri Aug 12 2005 - meissner@suse.de
- Use /usr/share/rkhunter instead of /usr/%%_lib/rkhunter.
- Fixed some other problems.
* Mon Jul 11 2005 - meissner@suse.de
- Initial import of rkhunter 1.2.7.
​