Hello community, here is the log from the commit of package rkhunter for openSUSE:Factory checked in at Thu Aug 11 11:31:24 CEST 2011.
-------- New Changes file: --- /dev/null 2010-08-26 16:28:41.000000000 +0200 +++ /mounts/work_src_done/STABLE/rkhunter/rkhunter.changes 2011-08-04 16:29:35.000000000 +0200 @@ -0,0 +1,194 @@ +------------------------------------------------------------------- +Thu Aug 4 14:28:31 UTC 2011 - sascha.ma...@open-slx.de + +- fixed License to GPLv2 or later + has misunderstood a message + +------------------------------------------------------------------- +Tue May 24 11:30:58 UTC 2011 - saigk...@opensuse.org + +- fixed bnc#695317 based on Volker Kuhlmann THX + +------------------------------------------------------------------- +Wed Nov 17 13:56:58 UTC 2010 - saigk...@opensuse.org + +- Updated to version 1.3.8 + +------------------------------------------------------------------- +Mon Nov 30 16:44:30 UTC 2009 - saigk...@opensuse.org + +- updated to Version 1.3.6 + +------------------------------------------------------------------- +Mon Nov 30 16:42:06 UTC 2009 - saigk...@opensuse.org + +- cleanup : + +------------------------------------------------------------------- +Sat Jan 10 18:46:00 UTC 2009 - saigk...@opensuse.org - 1.3.4 + +- branched for OpenSUSE:Factory:contrib +- changed License to GPLv3 +- changed Sourcecode from *.tar.gz to tar.bz2 + +------------------------------------------------------------------- +Wed Dec 31 00:00:00 CET 2008 - lr...@suse.de - 1.3.4 + +- update to 1.3.4 + + The change log lists 4 additions, 8 changes and 9 bugfixes. Here are a few: + + Added IntoXonia-NG rootkit check. + + Added Phalanx2 rootkit check. + + Added support for TCB shadow files. + + The '--propupd' option can now take an optional file, + directory or package name after it. + + Revised file properties inode check. + + Improved the O/S name detection. + + Improved hidden files and directories check. + + Improved debug file option. + +------------------------------------------------------------------- +Fri Nov 14 12:29:36 CET 2008 - lr...@suse.de - 1.3.2 + +- added rkhunter-1.3.2-CVE-2008-4982.patch + +------------------------------------------------------------------- +Tue Nov 4 10:31:05 CET 2008 - l...@linux-schulserver.de - 1.3.2 + +- added --no-mail-on-warning as option to the sysconfig and cronjob + to avoid double mails + +------------------------------------------------------------------- +Mon Jun 30 15:01:42 CEST 2008 - lr...@suse.de - 1.3.2 + +- added /dev/shm/pulse-shm to allowed dev files + +------------------------------------------------------------------- +Mon May 26 15:09:19 CEST 2008 - lr...@suse.de - 1.3.2 + +- allow users to disable SuSEconfig script via sysconfig file + +------------------------------------------------------------------- +Thu May 8 13:24:38 CEST 2008 - lr...@suse.de - 1.3.2 + +- remove the --propupd option from cron: makes more problems than + it solves +- add SuSEconfig.rkhunter instead if build in OBS +- update README.SuSE + +------------------------------------------------------------------- +Tue May 6 12:31:43 CEST 2008 - lr...@suse.de - 1.3.2 + +- fix typo in cronjob (bnc#384668) +- logrotate script is %config + +------------------------------------------------------------------- +Mon Apr 28 18:10:37 CEST 2008 - lr...@suse.de - 1.3.2 + +- allow /dev/shm/sysconfig/new-stamp-* files + +------------------------------------------------------------------- +Tue Apr 8 12:12:50 CEST 2008 - lr...@suse.de - 1.3.2 + +- fix typo in sysconfig file + +------------------------------------------------------------------- +Thu Apr 3 19:41:37 CEST 2008 - lr...@suse.de - 1.3.2 + +- update to 1.3.2: + The changelog lists 3 additions, 6 changes and 14 bugfixes. + Naming a few: + + Socklog and rsyslog daemons support. + + Application version check errors mostly ignored. + + Unset ALLOW_SSH_ROOT_USER and ALLOW_SSH_PROT_V1. + + Application check whitelisting. + + Correct scanning of /dev in LAZY mode. + + Whitelisted passwordless account names logged. + + Corrected obtaining process names in Solaris. + + Correct hidden files/directories test behaviour. + + Cater for those using fdesc/fdescfs. + +------------------------------------------------------------------- +Wed Feb 6 13:51:10 CET 2008 - lr...@suse.de - 1.3.0 + +- update to 1.3.0: + - many new features + (needs testing) + +------------------------------------------------------------------- +Wed Nov 28 17:17:47 CET 2007 - lr...@suse.de - 1.2.9 + +- newdb.tar.bz2 updated +- rkhunter-10.3.patch adapted + +------------------------------------------------------------------- +Fri Jun 01 17:31:19 CET 2007 - lr...@suse.de - 1.2.9 + +- update to 1.29 +- improved the cronjob +- added sysconfig file for cronjob +- add /var/log/rkhunter.log as %ghost +- add hashupd.sh to scripts directory + +------------------------------------------------------------------- +Wed Nov 22 19:58:18 CET 2006 - meiss...@suse.de - 1.2.8 + +- use correct string for i586. #223221 + +------------------------------------------------------------------- +Thu Nov 16 11:37:13 CET 2006 - meiss...@suse.de - 1.2.8 + +- Detect openSUSE as product correctly. #216053 +- renamed cron script to have "suse.de-" prefix. + +------------------------------------------------------------------- +Tue Nov 7 16:51:10 CET 2006 - meiss...@suse.de - 1.2.8 + +- Include the current database from upstream. #216053 +- daily cron script to mode 755 + +------------------------------------------------------------------- +Wed Jul 19 14:44:03 CEST 2006 - meiss...@suse.de - 1.2.8 + +- New version 1.2.8 + - some hashes and version updated + - small fixes +- Added SUSE Linux 10 hashes + +------------------------------------------------------------------- +Thu Mar 23 14:12:10 CET 2006 - meiss...@suse.de - 1.2.7 + +- detect 10.1. #148471 + +------------------------------------------------------------------- +Wed Jan 25 21:47:41 CET 2006 - m...@suse.de - 1.2.7 + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Thu Dec 1 17:42:00 CET 2005 - meiss...@suse.de - 1.2.7 + +- Order ALLOW* directives in the right section. +- Do not |mail in a cronjob, just let cron do it for itself. +- Quiet down output so it usually should not mail. +- Enable MAIL_ON_WARNING, send mail to root. #132683 + +------------------------------------------------------------------- +Wed Sep 7 10:40:53 CEST 2005 - meiss...@suse.de - 1.2.7 + +- ignore /etc/.pwd.lock, /etc/.java too. #115128 + +------------------------------------------------------------------- +Thu Aug 18 17:06:56 CEST 2005 - meiss...@suse.de - 1.2.7 + +- recognize 10.0, ignore /dev/.udevdb/. + +------------------------------------------------------------------- +Fri Aug 12 14:08:55 CEST 2005 - meiss...@suse.de - 1.2.7 + +- Use /usr/share/rkhunter instead of /usr/%_lib/rkhunter. +- Fixed some other problems. + +------------------------------------------------------------------- +Mon Jul 11 18:16:41 CEST 2005 - meiss...@suse.de - 1.2.7 + +- Initial import of rkhunter 1.2.7 calling whatdependson for head-i586 New: ---- rkhunter-1.3.8.tar.bz2 rkhunter-README.SuSE rkhunter-installer-fix.patch rkhunter.changes rkhunter.cron rkhunter.logrotate rkhunter.spec rkhunter.sysconfig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rkhunter.spec ++++++ # # spec file for package rkhunter # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2009-2010 by Sascha Manns <saigk...@opensuse.org> # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: rkhunter Version: 1.3.8 Release: 1 License: GPL v2 or later Summary: Rootkit Hunter Scans for Rootkits, Backdoors, and Local Exploits Url: http://rkhunter.sourceforge.net/ Group: System/Monitoring Source0: %{name}-%{version}.tar.bz2 Source2: %{name}.sysconfig Source3: %{name}.cron Source5: %{name}-README.SuSE Source6: %{name}.logrotate # PATCH-FIX-OPENSUSE -- saigk...@opensuse.org - Fix Pathes2 Patch0: %{name}-installer-fix.patch BuildRequires: wget PreReq: %fillup_prereq Requires: bash Requires: cron Requires: findutils Recommends: logrotate Recommends: netcfg Recommends: wget BuildRoot: %{_tmppath}/%{name}-%{version}-build AutoReqProv: no %description Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. This tool scans for rootkits, backdoors, and local exploits by running tests like: * Comparing MD5 hashes * Looking for default files used by rootkits * Checking for wrong file permissions for binaries * Looking for suspected strings in LKM and KLD modules * Looking for hidden files * Optionally scanning within plain text and binary files * Checking software versions * Testing applications %prep %setup -q %patch0 -p0 %build sed -e 's/\${MYDIR}\/lib/\%{_prefix}\/share/;' files/rkhunter >files/rkhunter.new mv files/rkhunter.new files/rkhunter %install sh ./installer.sh --layout RPM --install %{__install} -D -m640 %{SOURCE2} %{buildroot}%{_localstatedir}/adm/fillup-templates/sysconfig.%{name} %{__install} -d %{buildroot}%{_docdir}/%{name}-%{version} %{__install} -m644 %{SOURCE5} %{buildroot}%{_docdir}/%{name}-%{version}/README.SuSE %{__install} -D -m640 %{SOURCE6} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} # Make a cron.daily file to mail us the reports %{__install} -d %{buildroot}%{_sysconfdir}/cron.daily/ %{__install} -Dm750 %{SOURCE3} %{buildroot}%{_sysconfdir}/cron.daily/suse.de-%{name} # adapt the default config for using in openSUSE sed "s|^PREFIX*|PREFIX="%{_prefix}"|g; \ s|^#SCRIPTDIR.*|SCRIPTDIR=%{_prefix}/lib/%{name}/scripts|g; \ s|^#TMPDIR.*|TMPDIR=%{_var}/lib/rkhunter/tmp|g; \ s|^#DBDIR.*|DBDIR=%{_var}/lib/rkhunter/db|g; \ s|^APPEND_LOG=0|APPEND_LOG=1|g; \ s|ALLOW_SSH_ROOT_USER=no|ALLOW_SSH_ROOT_USER=yes|g; \ s|^#PKGMGR.*|PKGMGR=RPM|g; \ s|^#ALLOWHIDDENDIR=%{_sysconfdir}/.java.*|ALLOWHIDDENDIR=%{_sysconfdir}/.java|g; \ s|^#ALLOWHIDDENDIR=/dev/.udev.*|ALLOWHIDDENDIR=/dev/.udev|g; \ s|^#ALLOWHIDDENFILE=%{_sysconfdir}/.pwd.lock.*|ALLOWHIDDENFILE=%{_sysconfdir}/.pwd.lock|g; \ s|^#ALLOWDEVFILE=/dev/shm/pulse-shm-.*|ALLOWDEVFILE=/dev/shm/sysconfig/new-stamp-\*|g" \ %{buildroot}%{_sysconfdir}/%{name}.conf > %{buildroot}%{_sysconfdir}/%{name}.conf.new mv %{buildroot}%{_sysconfdir}/%{name}.conf.new %{buildroot}%{_sysconfdir}/%{name}.conf for i in ifup-lo if-lo network config-lo new-stamp-2; do echo "ALLOWDEVFILE=/dev/shm/sysconfig/$i" >> %{buildroot}%{_sysconfdir}/%{name}.conf done for i in $(seq 0 9); do echo "ALLOWDEVFILE=/dev/shm/sysconfig/ifup-eth$i" >> %{buildroot}%{_sysconfdir}/%{name}.conf echo "ALLOWDEVFILE=/dev/shm/sysconfig/if-eth$i" >> %{buildroot}%{_sysconfdir}/%{name}.conf echo "ALLOWDEVFILE=/dev/shm/sysconfig/config-eth$i" >> %{buildroot}%{_sysconfdir}/%{name}.conf done echo "ALLOWDEVFILE=/dev/shm/pulse-shm-*" >> %{buildroot}%{_sysconfdir}/%{name}.conf # install ghost file mkdir -p %{buildroot}%{_localstatedir}/log touch %{buildroot}%{_localstatedir}/log/%{name}.log # strip %#{_libdir}/%{name}/%{name}/plugins/*.so %clean [ %{buildroot} != "/" ] && [ -d %{buildroot} ] \ && rm -rf %{buildroot} %post %{fillup_only} %files %defattr(644,root,root,755) %doc %{_mandir}/man8/%{name}.8* %doc %{_docdir}/%{name}-%{version}/ACKNOWLEDGMENTS %doc %{_docdir}/%{name}-%{version}/CHANGELOG %doc %{_docdir}/%{name}-%{version}/FAQ %doc %{_docdir}/%{name}-%{version}/LICENSE %doc %{_docdir}/%{name}-%{version}/README %doc %{_docdir}/%{name}-%{version}/README.SuSE %doc %{_docdir}/%{name}-%{version} %dir %{_libdir}/%{name} %dir %{_libdir}/%{name}/scripts %dir %{_var}/lib/%{name} %dir %{_var}/lib/%{name}/db %dir %{_var}/lib/%{name}/db/i18n %dir %{_var}/lib/%{name}/tmp %defattr(640,root,root,-) %config(noreplace) %{_sysconfdir}/%{name}.conf %verify(not md5 size mtime) %{_var}/lib/%{name}/db/*.dat %{_var}/lib/%{name}/db/i18n/* %config(noreplace) %{_sysconfdir}/logrotate.d/rkhunter %{_localstatedir}/adm/fillup-templates/sysconfig.%{name} %ghost %verify(not md5 size mtime) %config(noreplace)%{_localstatedir}/log/%{name}.log %defattr(750,root,root,-) %{_bindir}/%{name} %{_sysconfdir}/cron.daily/suse.de-%{name} %{_libdir}/%{name}/scripts/*.pl %{_libdir}/%{name}/scripts/*.sh %changelog ++++++ rkhunter-README.SuSE ++++++ RKHUNTER FAQ The new Rootkit Hunter FAQ is located at: http://sourceforge.net/docman/display_doc.php?docid=35179&group_id=155034 DATABASE UPDATES To be able to run automatic database update, you will need to install wget and set the DB_UPDATE variable to "yes". ++++++ rkhunter-installer-fix.patch ++++++ Index: installer.sh =================================================================== --- installer.sh.orig +++ installer.sh @@ -129,7 +129,7 @@ selectTemplate() { # Take input from the /usr|/usr/local|default|custom_*|RPM|DEB|TGZ) case "$1" in default) - PREFIX="/usr/local" + PREFIX="/usr" ;; custom_*) PREFIX=`echo "${RKHINST_LAYOUT}" | sed 's|custom_||g'` @@ -163,9 +163,9 @@ selectTemplate() { # Take input from the if [ -n "${RPM_BUILD_ROOT}" ]; then if [ "${RPM_BUILD_ROOT}" = "/" ]; then RPM_USING_ROOT=1 - PREFIX="/usr/local" + PREFIX="/usr" else - PREFIX="${RPM_BUILD_ROOT}/usr/local" + PREFIX="${RPM_BUILD_ROOT}/usr" fi else echo "RPM installation chosen but \$RPM_BUILD_ROOT variable not found. Exiting." @@ -218,7 +218,7 @@ selectTemplate() { # Take input from the esac case "$1" in - /usr/local|custom_*) + /usr|custom_*) SYSCONFIGDIR="${PREFIX}/etc" ;; RPM) @@ -366,7 +366,7 @@ selectTemplate() { # Take input from the else RKHINST_DB_DIR="${VARDIR}/lib/${APPNAME}/db" RKHINST_TMP_DIR="${VARDIR}/lib/${APPNAME}/tmp" - RKHINST_DOC_DIR="${SHAREDIR}/doc/${APPNAME}-${APPVERSION}" + RKHINST_DOC_DIR="${SHAREDIR}/doc/packages/${APPNAME}-${APPVERSION}" fi RKHINST_MAN_DIR="${SHAREDIR}/man/man8" ++++++ rkhunter.cron ++++++ #!/bin/sh # # cronscript for rkhunter # Author: Lars Vogdt # This script is GPL v.2 and free to use. # See LICENSE file for use of this software. # # $Id$ # PATH=/bin:/usr/bin:/usr/lib/rkhunter/scripts RKHUNTER=/usr/bin/rkhunter DISTCONFIG="/etc/sysconfig/rkhunter" ################################################## # Default/Fallback values # Don't change them here! Use $DISKCONFIG instead ################################################## START_RKHUNTER="yes" CRON_DB_UPDATE="no" NICE="0" LOGFILE="/var/log/rkhunter.log" REPORT_EMAIL="root" OPTIONS="--no-mail-on-warning --cronjob --report-warnings-only --append-log --pkgmgr RPM" ################################################## if [ ! -x $RKHUNTER ]; then echo "$RKHUNTER not found or not executable" >&2 exit 1 fi # source our config if [ -f $DISTCONFIG ]; then . $DISTCONFIG else echo "$DISTCONFIG not found - using defaults" >&2 fi # use fqdn in summary, to make it easier # to distinguish between different hosts if [ -f /etc/HOSTNAME ]; then NAME=$(cat /etc/HOSTNAME) SUMMARY="Subject: [rkhunter] Warnings for $NAME" else SUMMARY="Subject: [rkhunter] Warnings" fi case "$START_RKHUNTER" in [Yy]*) OUTFILE=`mktemp /var/tmp/rkhunter-cron.XXXXXX` || exit 1 # first update the database if [ x"$CRON_DB_UPDATE" = x"yes" ]; then # wget is recommended - so we can't be shure that it exists if [ ! -x /usr/bin/wget ]; then echo "/usr/bin/wget not found or not executable" >&2 echo "Database update disabled" break; fi $RKHUNTER --versioncheck 1>/dev/null 2>>$OUTFILE $RKHUNTER --update 1>/dev/null 2>>$OUTFILE fi nice -n $NICE $RKHUNTER $OPTIONS --createlogfile $LOGFILE >> $OUTFILE if [ $(stat -c %s $OUTFILE) -ne 0 ]; then ( echo "$SUMMARY" echo "" cat $OUTFILE ) | /usr/sbin/sendmail $REPORT_EMAIL fi rm -f $OUTFILE ;; *) exit 0 ;; esac ++++++ rkhunter.logrotate ++++++ /var/log/rkhunter.log { weekly missingok rotate 4 compress delaycompress notifempty create 640 root root } ++++++ rkhunter.sysconfig ++++++ ## Path: System/Security/rkhunter ## Type: yesno ## Default: yes # # The START_RKHUNTER variable controls whether the rkhunter # check scripts should be run automatically every night. # Set to "no" to disable # START_RKHUNTER="yes" ## Type: yesno ## Default: yes # # Run SuSEconfig script via YaST? # If you install software via YaST, the SuSEconfig script will # update your rkhunter database afterwards automatically. # You should run 'rkhunter --propupd' manually if you disable # this value. # RUN_SUSECONFIG="yes" ## Type: yesno ## Default: no # # Update the databases of rkhunter via cronjob once a day. # This is only done if the START_RKHUNTER variable is enabled. # Needs internet access. # CRON_DB_UPDATE="no" ## Type: yesno ## Default: no # # Update the file properties database. # One of the checks rkhunter performs is to compare various current # file properties of various commands, against those it has previously # stored. # This command option causes rkhunter to update its data file of stored # values with the current values. # If you've installed or updated new software, this tag should be set # to "yes" - but don't forget to disable it afterwards! # PRO_UPDATE="no" ## Type: integer(-20:19) ## Default: 0 # # Renice the rkhunter process when running as cronjob. # Possible values: -20 up to 19 # NICE="0" ## Type: string ## Default: "/var/log/rkhunter.log" # # Path to the logfile for rkhunter messages. # Leave it empty means: create no logfile. # # Be shure that rkhunter can write to this log. # LOGFILE="/var/log/rkhunter.log" ## Type: string ## Default: "root" # # Send report mails to the following account. # Use a system account or a valid email-address # here. # REPORT_EMAIL="root" ## Type: string ## Default: "--cronjob --report-warnings-only --append-log --pkgmgr RPM" # # Additional options (see rkhunter --help) for rkhunter. # OPTIONS="--no-mail-on-warning --cronjob --report-warnings-only --append-log --pkgmgr RPM" ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org