SOURCES (RA-branch): chkrootkit-names.patch - up to 0.45

tiwek Wed, 23 Feb 2005 08:59:27 -0800

Author: tiwek                        Date: Wed Feb 23 16:59:22 2005 GMT
Module: SOURCES                       Tag: RA-branch
---- Log message:
- up to 0.45


---- Files affected:
SOURCES:
   chkrootkit-names.patch (1.11 -> 1.11.4.1) 

---- Diffs:

================================================================
Index: SOURCES/chkrootkit-names.patch
diff -u SOURCES/chkrootkit-names.patch:1.11 
SOURCES/chkrootkit-names.patch:1.11.4.1
--- SOURCES/chkrootkit-names.patch:1.11 Tue Dec 30 09:34:45 2003
+++ SOURCES/chkrootkit-names.patch      Wed Feb 23 17:59:17 2005
@@ -1,7 +1,6 @@
-diff -Nur chkrootkit-0.43.orig/chkrootkit chkrootkit-0.43/chkrootkit
---- chkrootkit-0.43.orig/chkrootkit    2003-12-28 17:48:16.000000000 +0100
-+++ chkrootkit-0.43/chkrootkit 2003-12-30 09:09:25.887663096 +0100
-@@ -151,20 +151,20 @@
+--- chkrootkit-0.45/chkrootkit~        2005-02-22 13:57:31.000000000 +0100
++++ chkrootkit-0.45/chkrootkit 2005-02-23 16:06:28.882194672 +0100
+@@ -149,23 +149,23 @@
      fi
  
      if [ "${EXPERT}" = "t" ]; then
@@ -20,6 +19,21 @@
      fi
  }
  
+ chkutmp() {
+-    if [ ! -x ./chkutmp ]; then
+-      echo "not tested: can't exec ./chkutmp"
++    if [ ! -x /usr/bin/chkrootkit-chkutmp ]; then
++      echo "not tested: can't exec /usr/bin/chkrootkit-chkutmp"
+       return ${NOT_TESTED}
+     fi
+-    if ./chkutmp
++    if /usr/bin/chkrootkit-chkutmp
+     then
+       if [ "${QUIET}" != "t" ]; then echo "chkutmp: nothing deleted"; fi
+     fi
+@@ -173,8 +173,8 @@
+ }
+ 
  z2 () {
 -    if [ ! -x ./chklastlog ]; then
 -      echo "not tested: can't exec ./chklastlog"
@@ -28,7 +42,7 @@
        return ${NOT_TESTED}
      fi
  
-@@ -178,32 +178,32 @@
+@@ -187,32 +187,32 @@
      fi
  
      if [ "${EXPERT}" = "t" ]; then
@@ -40,7 +54,7 @@
 -    if ./chklastlog -f ${WTMP} -l ${LASTLOG}
 +    if /usr/bin/chkrootkit-chklastlog -f ${WTMP} -l ${LASTLOG}
      then
-       if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi
+       if [ "${QUIET}" != "t" ]; then echo "chklastlog: nothing deleted"; fi
      fi
  }
  
@@ -63,13 +77,13 @@
 +             expertmode_output "/usr/bin/chkrootkit-check_wtmpx"
                return 5
            fi
-         if [ -f ${ROOTDIR}var/adm/wtmp ]; then 
+         if [ -f ${ROOTDIR}var/adm/wtmp ]; then
 -             if ./check_wtmpx
 +             if /usr/bin/chkrootkit-check_wtmpx
                  then
                  if [ "${QUIET}" != "t" ]; then \
-                    echo "nothing deleted in /var/adm/wtmpx"; fi
-@@ -214,12 +214,12 @@
+                    echo "check_wtmpx: nothing deleted in /var/adm/wtmpx"; fi
+@@ -223,12 +223,12 @@
         WTMP=`loc wtmp wtmp "${ROOTDIR}var/log ${ROOTDIR}var/adm"`
  
         if [ "${EXPERT}" = "t" ]; then
@@ -82,12 +96,12 @@
 -    if ./chkwtmp -f ${WTMP}
 +    if /usr/bin/chkrootkit-chkwtmp -f ${WTMP}
      then
-       if [ "${QUIET}" != "t" ]; then echo "nothing deleted"; fi
+       if [ "${QUIET}" != "t" ]; then echo "chkwtmp: nothing deleted"; fi
      fi
-@@ -258,8 +258,8 @@
+@@ -267,8 +267,8 @@
      prog=""
      if [  \( "${SYSTEM}" = "Linux"  -o \( "${SYSTEM}" = "FreeBSD" -a \
-        ${V} -gt 43 \) \) -a "${ROOTDIR}" = "/" ]; then
+        `echo ${V} | ${awk} '{ if ($1 > 4.3) print 1; else print 0 }'` -eq 1 
\) \) -a "${ROOTDIR}" = "/" ]; then
 -      [ ! -x ./chkproc ] && prog="./chkproc"
 -      [ ! -x ./chkdirs ] && prog="$prog ./chkdirs"
 +      [ ! -x /usr/bin/chkrootkit-chkproc ] && 
prog="/usr/bin/chkrootkit-chkproc"
@@ -95,74 +109,44 @@
        if [ "$prog" != "" ]; then
  #        echo "not tested: can't exec $prog"
          return ${NOT_TESTED}
-@@ -268,7 +268,7 @@
-       if [ "${EXPERT}" = "t" ]; then
-          [ -r /proc/ksyms ] &&  ${egrep} -i "adore|sebek" < /proc/ksyms 
2>/dev/null
-          [ -d /proc/knark ] &&  ${ls} -la /proc/knark 2> /dev/null
--          expertmode_output "./chkproc -v -v"
-+          expertmode_output "/usr/bin/chkrootkit-chkproc -v -v"
-           return 5
+@@ -280,7 +280,7 @@
+          PV=`$ps -V 2>/dev/null| $cut -d " " -f 3 |$awk -F . '{ print $1 "." 
$2 $3 }' | ${awk} '{ if ($0 > 3.19) print 2; else print 1 }'`
+          [ "$PV" = "" ] &&  PV=1
+          [ "${SYSTEM}" = "SunOS" ] && PV=0
+-         expertmode_output "./chkproc -v -v -p $PV"
++         expertmode_output "/usr/bin/chkrootkit-chkproc -v -v -p $PV"
+          return 5
        fi
  
-@@ -289,7 +289,7 @@
-          echo "Warning: Knark LKM installed"
+@@ -306,7 +306,7 @@
+       if [ "${DEBUG}" = "t" ]; then
+            ${echo} "*** PV=$PV ***"
        fi
- 
--      if ./chkproc
-+      if /usr/bin/chkrootkit-chkproc
+-      if ./chkproc -p ${PV}
++      if /usr/bin/chkrootkit-chkproc -p ${PV}
        then
-            if [ "${QUIET}" != "t" ]; then echo "nothing detected"; fi
+            if [ "${QUIET}" != "t" ]; then echo "chkproc: nothing detected"; fi
        else
-@@ -1505,18 +1505,18 @@
+@@ -1582,18 +1582,18 @@
  
     if [ "${SYSTEM}" = "Linux" ]
     then
 -      if [ ! -x ./strings-static ]; then
 -        printn "can't exec ./strings-static, "
-+      if [ ! -x /usr/bin/chkrootkit-strings ]; then
-+        printn "can't exec /usr/bin/chkrootkit-strings, "
++      if [ ! -x /usr/bin/chkrootkit-strings-static ]; then
++        printn "can't exec /usr/bin/chkrootkit-strings-static, "
          return ${NOT_TESTED}
        fi
  
        if [ "${EXPERT}" = "t" ]; then
--          expertmode_output "./strings -a ${CMD}"
-+          expertmode_output "/usr/bin/chkrootkit-strings -a ${CMD}"
+-          expertmode_output "./strings-static -a ${CMD}"
++          expertmode_output "/usr/bin/chkrootkit-strings-static -a ${CMD}"
            return 5
        fi
  
        ### strings must be a statically linked binary.
 -      if ./strings-static -a ${CMD} > /dev/null 2>&1
-+      if /usr/bin/chkrootkit-strings -a ${CMD} > /dev/null 2>&1
++      if /usr/bin/chkrootkit-strings-static -a ${CMD} > /dev/null 2>&1
        then
           STATUS=${INFECTED}
        fi
-diff -Nur chkrootkit-0.43.orig/Makefile chkrootkit-0.43/Makefile
---- chkrootkit-0.43.orig/Makefile      2003-12-30 09:08:57.815930648 +0100
-+++ chkrootkit-0.43/Makefile   2003-12-30 09:09:59.581540848 +0100
-@@ -25,13 +25,13 @@
- 
- SRCS   = chklastlog.c chkwtmp.c ifpromisc.c chkproc.c chkdirs.c check_wtmpx.c 
strings.c
- 
--OBJS   = chklastlog.o chkwtmp.o ifpromisc.o chkproc.o chkdirs.o check_wtmpx.o 
strings-static.o
-+OBJS   = chklastlog.o chkwtmp.o ifpromisc.o chkproc.o chkdirs.o check_wtmpx.o 
strings.o
- 
- all:
-       @echo '*** stopping make sense ***'
-       @exec make sense
- 
--sense: chklastlog chkwtmp ifpromisc chkproc chkdirs check_wtmpx strings-static
-+sense: chklastlog chkwtmp ifpromisc chkproc chkdirs check_wtmpx strings
- 
- chklastlog:   chklastlog.c
-       ${CC} ${CFLAGS} -o $@ chklastlog.c
-@@ -51,8 +51,8 @@
- check_wtmpx:   check_wtmpx.c
-       ${CC} ${LDFLAGS} -o $@ check_wtmpx.c
- 
--strings-static:   strings.c
-+strings:   strings.c
-       ${CC} ${STATIC} ${LDFLAGS} -o $@ strings.c
- 
- clean:
--      rm -f ${OBJS} core chklastlog chkwtmp ifpromisc chkproc chkdirs 
check_wtmpx strings-static
-+      rm -f ${OBJS} core chklastlog chkwtmp ifpromisc chkproc chkdirs 
check_wtmpx strings
================================================================

---- CVS-web:
    
http://cvs.pld-linux.org/SOURCES/chkrootkit-names.patch?r1=1.11&r2=1.11.4.1&f=u


_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

SOURCES (RA-branch): chkrootkit-names.patch - up to 0.45

Reply via email to