Date: Sun, 29 Aug 2004 23:13:56 +0200 (CEST) From: bugghy <bugghy@phenix.rootshell.be> To: FreeBSD-gnats-submit@FreeBSD.org Cc: bugghy@SAFe-mail.net Subject: ports/71119: [maintainer update] Update port: security/rkhunter Rootkit detection tool Message-ID: <Pine.LNX.4.44.0408292312560.5666-100000@phenix.rootshell.be> Resent-Message-ID: <200408292120.i7TLKSGi027554@freefall.freebsd.org>
>Number: 71119 >Category: ports >Synopsis: [maintainer update] Update port: security/rkhunter Rootkit detection tool >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Sun Aug 29 21:20:27 GMT 2004 >Closed-Date: >Last-Modified: >Originator: bugghy <bugghy@rootshell.be> >Release: FreeBSD 5.2.1-RELEASE-p9 i386 >Organization: >Environment: System: FreeBSD illusion.com 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 >Description: Rootkit Hunter is scanning tool to ensure you for about 99.9% you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like: - MD5/SHA1 hash compare - Look for default files used by rootkits - Wrong file permissions for binaries - Look for suspected strings in LKM and KLD modules - Look for hidden files - Optional scan within plaintext and binary files >How-To-Repeat: >Fix: diff -ruN rkhunter-old/Makefile rkhunter/Makefile --- rkhunter-old/Makefile Sun Aug 29 22:58:57 2004 +++ rkhunter/Makefile Sun Aug 29 22:59:32 2004 @@ -6,7 +6,7 @@ # PORTNAME= rkhunter -PORTVERSION= 1.1.4 +PORTVERSION= 1.1.7 CATEGORIES= security MASTER_SITES= http://downloads.rootkit.nl/ diff -ruN rkhunter-old/distinfo rkhunter/distinfo --- rkhunter-old/distinfo Sun Aug 29 22:58:57 2004 +++ rkhunter/distinfo Sun Aug 29 23:00:06 2004 @@ -1,2 +1,2 @@ -MD5 (rkhunter-1.1.4.tar.gz) = 08938c110c8363c62c82dad0571517d0 -SIZE (rkhunter-1.1.4.tar.gz) = 102147 +MD5 (rkhunter-1.1.7.tar.gz) = 95e8eeb46f0f2cd928180ac9cfb2dbb0 +SIZE (rkhunter-1.1.7.tar.gz) = 108223 diff -ruN rkhunter-old/files/lol rkhunter/files/lol --- rkhunter-old/files/lol Sun Aug 29 22:58:57 2004 +++ rkhunter/files/lol Thu Jan 1 00:00:00 1970 
@@ -1,72 +0,0 @@ ---- installer.sh.old Thu Aug 12 11:20:01 2004 -+++ installer.sh Thu Aug 12 11:30:36 2004 -@@ -120,15 +120,12 @@ - overwrite:programs_good.dat:/db/programs_good.dat:Database%%Program%%versions - overwrite:defaulthashes.dat:/db/defaulthashes.dat:Database%%Default%%file%%hashes - overwrite:md5blacklist.dat:/db/md5blacklist.dat:Database%%MD5%%blacklisted%%files --overwrite:CHANGELOG:/docs/CHANGELOG:Changelog --overwrite:README:/docs/README:Readme%%and%%FAQ --overwrite:WISHLIST:/docs/WISHLIST:Wishlist%%and%%TODO - " - - # Prefix: INSTALLDIR - INSTALLFILES2=" --nooverwrite:rkhunter.conf:/usr/local/etc/rkhunter.conf:RK%%Hunter%%configuration%%file --overwrite:rkhunter:/usr/local/bin/rkhunter:RK%%Hunter%%binary -+nooverwrite:rkhunter.conf:/etc/rkhunter.conf.sample:RK%%Hunter%%configuration%%file -+overwrite:rkhunter:/bin/rkhunter:RK%%Hunter%%binary - " - - # Create directories (only if they do not exist) -@@ -137,10 +134,7 @@ - ${INSTALLDIR}/etc - ${INSTALLDIR}/bin - ${INSTALLDIR}/lib/rkhunter/db --${INSTALLDIR}/lib/rkhunter/docs - ${INSTALLDIR}/lib/rkhunter/scripts --${INSTALLDIR}/lib/rkhunter/tmp --/usr/local/etc - " - - CHECKDIR="/usr/local" -@@ -347,9 +341,6 @@ - ################################################################################# - - --# Clean active window --clear -- - echo "${INSTALLER_NAME} ${INSTALLER_VERSION} (${INSTALLER_COPYRIGHT})" - echo $ECHOOPT "---------------" - echo "Starting installation/update" -@@ -468,7 +459,7 @@ - echo "Skipped (no overwrite)" - else - #error redirection in .rkhunter it's just for a clear display if user run not as root -- cp -f ${INSTALLPREFIX}${CURFILE} ${NEWFILE} 2> ~/.rkhunter.log -+ cp -f ${INSTALLPREFIX}${CURFILE} "${INSTALLDIR}/${NEWFILE}" 2> ~/.rkhunter.log - if [ $? 
-eq 0 ] - then - echo $E "OK" -@@ -481,10 +472,10 @@ - - done - --INSTALLDIRCHECK=`cat /usr/local/etc/rkhunter.conf | grep "INSTALLDIR="` -+INSTALLDIRCHECK=`cat $INSTALLDIR/etc/rkhunter.conf.sample | grep "INSTALLDIR="` - if [ "${INSTALLDIRCHECK}" = "" ] - then -- echo "INSTALLDIR=${INSTALLDIR}" >> /usr/local/etc/rkhunter.conf -+ echo "INSTALLDIR=${INSTALLDIR}" >> $INSTALLDIR/etc/rkhunter.conf.sample - echo "Configuration updated with installation path (${INSTALLDIR})" - else - echo "Configuration already updated." -@@ -494,7 +485,7 @@ - then - echo "" - echo $E "$t17" -- echo "$t18 (/usr/local/bin/rkhunter)" -+ echo "$t18 (${INSTALLDIR}/bin/rkhunter)" - else - echo "" - echo $E "$t19" diff -ruN rkhunter-old/files/patch-installer.sh rkhunter/files/patch-installer.sh --- rkhunter-old/files/patch-installer.sh Sun Aug 29 22:58:57 2004 +++ rkhunter/files/patch-installer.sh Sun Aug 29 23:57:26 2004 @@ -1,5 +1,5 @@ ---- installer.sh.old Sun Aug 8 00:16:28 2004 -+++ installer.sh Sun Aug 8 00:21:52 2004 +--- installer.sh.orig Fri Aug 20 15:11:04 2004 ++++ installer.sh Sun Aug 29 23:56:46 2004 @@ -120,15 +120,12 @@ overwrite:programs_good.dat:/db/programs_good.dat:Database%%Program%%versions overwrite:defaulthashes.dat:/db/defaulthashes.dat:Database%%Default%%file%%hashes @@ -11,7 +11,7 @@ # Prefix: INSTALLDIR INSTALLFILES2=" --overwrite:rkhunter.conf:/usr/local/etc/rkhunter.conf:RK%%Hunter%%configuration%%file +-nooverwrite:rkhunter.conf:/usr/local/etc/rkhunter.conf:RK%%Hunter%%configuration%%file -overwrite:rkhunter:/usr/local/bin/rkhunter:RK%%Hunter%%binary +overwrite:rkhunter.conf:/etc/rkhunter.conf.sample:RK%%Hunter%%configuration%%file +overwrite:rkhunter:/bin/rkhunter:RK%%Hunter%%binary 
@@ -39,34 +39,36 @@ echo "${INSTALLER_NAME} ${INSTALLER_VERSION} (${INSTALLER_COPYRIGHT})" echo $ECHOOPT "---------------" echo "Starting installation/update" -@@ -470,7 +461,7 @@ - if [ -f ${INSTALLPREFIX}${CURFILE} ] - then +@@ -469,7 +460,7 @@ + echo "Skipped (no overwrite)" + else #error redirection in .rkhunter it's just for a clear display if user run not as root - cp -f ${INSTALLPREFIX}${CURFILE} ${NEWFILE} 2> ~/.rkhunter.log + cp -f ${INSTALLPREFIX}${CURFILE} "${INSTALLDIR}/${NEWFILE}" 2> ~/.rkhunter.log if [ $? -eq 0 ] then echo $E "OK" -@@ -485,10 +476,10 @@ - +@@ -483,11 +474,11 @@ done + # Installation dir to configuration file -INSTALLDIRCHECK=`cat /usr/local/etc/rkhunter.conf | grep "INSTALLDIR="` -+INSTALLDIRCHECK=`cat $INSTALLDIR/etc/rkhunter.conf.sample | grep "INSTALLDIR="` ++INSTALLDIRCHECK=`cat $INSTALLDIR/etc/rkhunter.conf | grep "INSTALLDIR="` if [ "${INSTALLDIRCHECK}" = "" ] then +- echo "" >> /usr/local/etc/rkhunter.conf - echo "INSTALLDIR=${INSTALLDIR}" >> /usr/local/etc/rkhunter.conf ++ echo "" >> $INSTALLDIR/etc/rkhunter.conf + echo "INSTALLDIR=${INSTALLDIR}" >> $INSTALLDIR/etc/rkhunter.conf.sample echo "Configuration updated with installation path (${INSTALLDIR})" else echo "Configuration already updated." -@@ -498,7 +489,7 @@ +@@ -497,7 +488,7 @@ then echo "" echo $E "$t17" - echo "$t18 (/usr/local/bin/rkhunter)" -+ echo "$t18 (${INSTALLDIR}/bin/rkhunter)" ++ echo "$t18 ($INSTALLDIR/bin/rkhunter)" else echo "" echo $E "$t19" diff -ruN rkhunter-old/files/patch-rkhunter.conf rkhunter/files/patch-rkhunter.conf --- rkhunter-old/files/patch-rkhunter.conf Sun Aug 29 22:58:57 2004 +++ rkhunter/files/patch-rkhunter.conf Sun Aug 29 23:36:47 2004 
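Review bot: In the inner hunk `@@ -483,11 +474,11 @@` of the regenerated installer patch, the INSTALLDIR check and the two appends no longer target the same file. `INSTALLDIRCHECK` and the new `echo "" >>` use `$INSTALLDIR/etc/rkhunter.conf`, while the `INSTALLDIR=${INSTALLDIR}` line is still appended to `$INSTALLDIR/etc/rkhunter.conf.sample`. The INSTALLFILES2 entry visible in this patch installs only `/etc/rkhunter.conf.sample`, so on a fresh install the `cat` presumably fails and the test is always empty. The blank-line echo then creates a stray `rkhunter.conf` with no INSTALLDIR in it, and every reinstall appends another INSTALLDIR line to the sample. Point all three lines at one quoted path, e.g. `"${INSTALLDIR}/etc/rkhunter.conf.sample"`, as the `cp` line already does for its destination; for a detection tool, a config that silently lacks its install path is worth ruling out before commit.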
@@ -1,6 +1,6 @@ ---- files/rkhunter.conf.orig Sun Jul 25 17:08:25 2004 -+++ files/rkhunter.conf Sun Jul 25 17:08:48 2004 -@@ -8,7 +8,7 @@ +--- files/rkhunter.conf Fri Aug 20 15:02:59 2004 ++++ files/rkhunter.conf Sun Aug 29 23:22:13 2004 +@@ -14,7 +14,7 @@ # Use a custom temporary directory (you can override it with the # --tmpdir parameter) @@ -9,3 +9,10 @@ # Use a custom database directory (you can override it with the # --dbdir parameter) +@@ -25,4 +25,4 @@ + #MD5WHITELIST=/bin/ps:9bd8bf260adc81d3a43a086fce6b430a + #MD5WHITELIST=/bin/ps:404583a6b166c2f7ac1287445a9de6b3 + +-# The End +\ No newline at end of file ++# The End >Release-Note: >Audit-Trail: >Unformatted: