forked from gentoo/gentoo
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
app-forensics/rkhunter: version bump 1.4.6
Also, add a patch to disable insecure file downloads. Bug: https://bugs.gentoo.org/623150 Closes: https://bugs.gentoo.org/645454 Closes: https://bugs.gentoo.org/648470 Package-Manager: Portage-2.3.24, Repoman-2.3.6
- Loading branch information
Michael Palimaka
committed
Mar 17, 2018
1 parent
d9f797d
commit 61e995b
Showing
4 changed files
with
148 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
DIST rkhunter-1.4.2.tar.gz 277707 BLAKE2B 97968801ce5dccefc7d5eb246fd8031091447b9090c5bc9b958ea64835c47661d1f40b5a6352e0c92608a514f237ac2946a7f84498915418581a71d16b497f61 SHA512 a4e45caaaf5b8262619ebb890784c75c4e30db4c6c0eba305f86d419142b4796c95bc55fe8846dce8d58bc7636bdb365a4a8c41707f64d4d81373687c5a3b0d4 | ||
DIST rkhunter-1.4.4.tar.gz 297626 BLAKE2B 9d9a50e3541817d8dfec6c76665ae84b92f49ed3128244cb5359f2149203ccdc7cdaa05db3da87f6aa6ee79fa84491f40cdc3443d77359b64c23947cb685516e SHA512 87e9c617220765678cc4519eee27d1d56185c3a7fb1d6338c8fb984ac4f5176c31bb54b69e1de615d66a0cf1e72b672e66b368e37851a459def69463cbb8661e | ||
DIST rkhunter-1.4.6.tar.gz 302137 BLAKE2B 89c61386b57f743f4205f8c826eaa8a9dc9a0d413ac47efb26b6f93d8d642f619f35b7a4c021521b662547c02a16071b8980d158cfb9e081a64870558dbaeff0 SHA512 c51a21b6b66ed1f73a19d8ce04eaba35999eefcb666acc824989c3bf53ac56d24a33ac4fec290be942e33fe24674406b371eafff73f7e697b9e03ec031b37216 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
|
||
--- a/rkhunter.conf | ||
+++ b/rkhunter.conf | ||
@@ -72,6 +72,7 @@ | ||
# to use. | ||
# | ||
|
||
+INSTALLDIR=/usr | ||
|
||
# | ||
# If this option is set to '1', it specifies that the mirrors file | ||
@@ -154,7 +155,7 @@ | ||
# subsequently commented out or removed, then the program will assume a | ||
# default directory beneath the installation directory. | ||
# | ||
-#TMPDIR=/var/lib/rkhunter/tmp | ||
+TMPDIR=/var/lib/rkhunter | ||
|
||
# | ||
# This option specifies the database directory to use. | ||
@@ -163,7 +164,7 @@ | ||
# subsequently commented out or removed, then the program will assume a | ||
# default directory beneath the installation directory. | ||
# | ||
-#DBDIR=/var/lib/rkhunter/db | ||
+DBDIR=/var/lib/rkhunter/db | ||
|
||
# | ||
# This option specifies the script directory to use. | ||
@@ -171,7 +172,7 @@ | ||
# The installer program will set the default directory. If this default is | ||
# subsequently commented out or removed, then the program will not run. | ||
# | ||
-#SCRIPTDIR=/usr/local/lib/rkhunter/scripts | ||
+SCRIPTDIR=/usr/lib/rkhunter/scripts | ||
|
||
# | ||
# This option can be used to modify the command directory list used by rkhunter |
46 changes: 46 additions & 0 deletions
46
app-forensics/rkhunter/files/rkhunter-1.4.6-no-insecure-web.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
Disable insecure web operations (CVE-2017-7480). | ||
|
||
Bug: https://bugs.gentoo.org/623150 | ||
|
||
--- a/rkhunter | ||
+++ b/rkhunter | ||
@@ -19462,7 +19462,7 @@ | ||
# | ||
|
||
echo $ECHOOPT "" | ||
- echo $ECHOOPT "Usage: rkhunter {--check | --unlock | --update | --versioncheck |" | ||
+ echo $ECHOOPT "Usage: rkhunter {--check | --unlock |" | ||
echo $ECHOOPT " --propupd [{filename | directory | package name},...] |" | ||
echo $ECHOOPT " --list [{tests | {lang | languages} | rootkits | perl | propfiles}] |" | ||
echo $ECHOOPT " --config-check | --version | --help} [options]" | ||
@@ -19518,10 +19518,8 @@ | ||
echo $ECHOOPT " (Default level is $SYSLOG_DFLT_PRIO)" | ||
echo $ECHOOPT " --tmpdir <directory> Use the specified temporary directory" | ||
echo $ECHOOPT " --unlock Unlock (remove) the lock file" | ||
- echo $ECHOOPT " --update Check for updates to database files" | ||
echo $ECHOOPT " --vl, --verbose-logging Use verbose logging (on by default)" | ||
echo $ECHOOPT " -V, --version Display the version number, then exit" | ||
- echo $ECHOOPT " --versioncheck Check for latest version of program" | ||
echo $ECHOOPT " -x, --autox Automatically detect if X is in use" | ||
echo $ECHOOPT " -X, --no-autox Do not automatically detect if X is in use" | ||
echo $ECHOOPT "" | ||
@@ -20396,9 +20394,6 @@ | ||
--unlock) | ||
UNLOCK=1 | ||
;; | ||
- --update) | ||
- UPDATE=1 | ||
- ;; | ||
--vl | --verboselogging | --verbose-logging) | ||
VERBOSE_LOGGING=1 | ||
;; | ||
@@ -20407,9 +20402,6 @@ | ||
echo "${PROGRAM_blurb}" | ||
exit 0 | ||
;; | ||
- --versioncheck | --version-check) | ||
- VERSIONCHECK=1 | ||
- ;; | ||
-x | --autox) | ||
AUTO_X_OPT=1 | ||
AUTO_X_DTCT=1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,63 @@ | ||
# Copyright 1999-2018 Gentoo Foundation | ||
# Distributed under the terms of the GNU General Public License v2 | ||
|
||
EAPI=6 | ||
|
||
inherit bash-completion-r1 | ||
|
||
DESCRIPTION="Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers" | ||
HOMEPAGE="http://rkhunter.sf.net/" | ||
SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz" | ||
|
||
LICENSE="GPL-2" | ||
SLOT="0" | ||
KEYWORDS="~alpha ~amd64 ~arm ~mips ~ppc ~x86" | ||
IUSE="" | ||
|
||
RDEPEND=" | ||
app-shells/bash | ||
dev-lang/perl | ||
sys-process/lsof[rpc] | ||
" | ||
|
||
S="${WORKDIR}/${P}/files" | ||
|
||
PATCHES=( | ||
"${FILESDIR}/${PN}-1.4.6-conf.patch" | ||
"${FILESDIR}/${PN}-1.4.6-no-insecure-web.patch" | ||
) | ||
|
||
src_install() { | ||
# rkhunter requires to be root | ||
dosbin ${PN} | ||
|
||
insinto /etc | ||
doins ${PN}.conf | ||
|
||
exeinto /usr/lib/${PN}/scripts | ||
doexe *.pl | ||
|
||
insinto /var/lib/${PN}/db | ||
doins *.dat | ||
|
||
insinto /var/lib/${PN}/db/i18n | ||
doins i18n/* | ||
|
||
doman ${PN}.8 | ||
dodoc ACKNOWLEDGMENTS CHANGELOG FAQ README | ||
|
||
exeinto /etc/cron.daily | ||
newexe "${FILESDIR}/${PN}-1.3.cron" ${PN} | ||
|
||
newbashcomp "${FILESDIR}/${PN}.bash-completion" ${PN} | ||
} | ||
|
||
pkg_postinst() { | ||
elog "A cron script has been installed to /etc/cron.daily/rkhunter." | ||
elog "To enable it, edit /etc/cron.daily/rkhunter and follow the" | ||
elog "directions." | ||
elog "If you want ${PN} to send mail, you will need to install" | ||
elog "virtual/mailx or alter the EMAIL_CMD variable in the" | ||
elog "cron script and possibly the MAIL_CMD variable in the" | ||
elog "${PN}.conf file to use another mail client." | ||
} |