Date: Tue, 29 Apr 2008 11:36:29 +0200 (CEST) From: Lukasz Wasikowski <lukasz@wasikowski.net> To: FreeBSD-gnats-submit@FreeBSD.org Cc: , farrokhi@freebsd.org, miwi@FreeBSD.org Subject: ports/123204: Update port: security/rkhunter version update to 1.3.2 Message-ID: <20080429093629.711E95C049@bijou.wasikowski.net> Resent-Message-ID: <200804290940.m3T9e1en076752@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 123204 >Category: ports >Synopsis: Update port: security/rkhunter version update to 1.3.2 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Tue Apr 29 09:40:01 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Lukasz Wasikowski >Release: FreeBSD 7.0-RELEASE i386 >Organization: >Environment: System: FreeBSD bijou.wasikowski.net 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Mon Feb 25 16:09:17 CET 2008 root@bijou.wasikowski.net:/usr/obj/usr/src/sys/bijou i386 >Description: Fixed encoding problem when sending previous patch. If this won't patch cleanly then I'll give up :) >How-To-Repeat: >Fix: --- rkhunter.diff begins here --- diff -ruN rkhunter.old/Makefile rkhunter/Makefile --- rkhunter.old/Makefile 2007-10-21 01:51:21.000000000 +0200 +++ rkhunter/Makefile 2008-04-29 11:15:08.000000000 +0200 @@ -6,7 +6,7 @@ # PORTNAME= rkhunter -PORTVERSION= 1.3.0 +PORTVERSION= 1.3.2 CATEGORIES= security MASTER_SITES= SF diff -ruN rkhunter.old/distinfo rkhunter/distinfo --- rkhunter.old/distinfo 2007-10-21 01:51:21.000000000 +0200 +++ rkhunter/distinfo 2008-04-29 11:13:40.000000000 +0200 @@ -1,3 +1,3 @@ -MD5 (rkhunter-1.3.0.tar.gz) = 89a4628c6378fdf3331d5a43b975d967 -SHA256 (rkhunter-1.3.0.tar.gz) = a46610fc761e61f4f85750693f6e17aafa3a47e24e8cef76401f67d25e94d186 -SIZE (rkhunter-1.3.0.tar.gz) = 252011 +MD5 (rkhunter-1.3.2.tar.gz) = a00ff64d7076d6ff47ef0c9f0b6202f2 +SHA256 (rkhunter-1.3.2.tar.gz) = 2a325acedc094bc5ae9d5a3326af760bb376d5a1122c433d22477968eec1eebd +SIZE (rkhunter-1.3.2.tar.gz) = 269563 diff -ruN rkhunter.old/files/patch-rkhunter.conf rkhunter/files/patch-rkhunter.conf --- rkhunter.old/files/patch-rkhunter.conf 2007-10-21 01:51:21.000000000 +0200 +++ rkhunter/files/patch-rkhunter.conf 2008-04-29 11:13:40.000000000 +0200 @@ -1,5 +1,5 @@ ---- files/rkhunter.conf.orig Wed Oct 17 11:21:03 2007 -+++ files/rkhunter.conf Wed Oct 17 11:21:19 2007 +--- files/rkhunter.conf.orig 2008-03-14 10:19:30.000000000 +0100 ++++ files/rkhunter.conf 2008-03-14 10:21:43.000000000 +0100 @@ -76,6 +76,7 @@ # sure that the directory permissions are tight. # @@ -8,3 +8,52 @@ # # Specify the database directory to use. +@@ -154,7 +155,8 @@ + # file, then a value here of 'yes' or 'unset' will not cause a warning. + # This option has a default value of 'no'. + # +-ALLOW_SSH_ROOT_USER=no ++#ALLOW_SSH_ROOT_USER=no ++ALLOW_SSH_ROOT_USER=unset + + # + # Set this option to '1' to allow the use of the SSH-1 protocol, but note +@@ -165,7 +167,8 @@ + # configuration file, then a value of '2' may be set here in order to + # suppress a warning message. This option has a default value of '0'. + # +-ALLOW_SSH_PROT_V1=0 ++#ALLOW_SSH_PROT_V1=0 ++ALLOW_SSH_PROT_V1=2 + + # + # This setting tells rkhunter the directory containing the SSH configuration +@@ -278,12 +281,20 @@ + #SCRIPTWHITELIST=/sbin/ifup + #SCRIPTWHITELIST=/sbin/ifdown + #SCRIPTWHITELIST=/usr/bin/groups ++SCRIPTWHITELIST=/usr/bin/whatis ++SCRIPTWHITELIST=/usr/sbin/adduser ++SCRIPTWHITELIST=/usr/local/bin/GET ++SCRIPTWHITELIST=/usr/local/sbin/pkgdb + + # + # Allow the specified commands to have the immutable attribute set. + # One command per line (use multiple IMMUTWHITELIST lines). + # + #IMMUTWHITELIST=/sbin/ifup ++IMMUTWHITELIST=/usr/bin/login ++IMMUTWHITELIST=/usr/bin/passwd ++IMMUTWHITELIST=/usr/bin/su ++IMMUTWHITELIST=/sbin/init + + # + # Allow the specified hidden directories. +@@ -434,6 +445,7 @@ + # Note: For *BSD systems you may need to enable this for the 'toor' account. + # + #UID0_ACCOUNTS="toor rooty" ++UID0_ACCOUNTS="toor" + + # + # Allow the following accounts to have no password. This option is a --- rkhunter.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080429093629.711E95C049>