ports/69574: [maintainer update] Update port: security/rkhunter Rootkit detection tool

bugghy bugghy at phenix.rootshell.be
Sun Jul 25 14:40:27 UTC 2004


	Note: There was a bad value `maintainer' for the field `>Class:'.
	It was set to the default value of `sw-bug'.


>Number:         69574
>Category:       ports
>Synopsis:       [maintainer update] Update port: security/rkhunter Rootkit
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jul 25 14:40:25 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     bugghy <bugghy at rootshell.be>
>Release:        FreeBSD 5.2.1-RELEASE-p9 i386
>Organization:
>Environment:
System: FreeBSD illusion.com 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 #4: 
Fri Jul 23 17:19:48 GMT 2004 bugghy at illusio$

>Description:
Rootkit Hunter is a scanning tool that aims to assure you, to about 99.9%,
that your system is clean of nasty tools.

This tool scans for rootkits, backdoors and local exploits by running
tests like:

- MD5/SHA1 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files

>How-To-Repeat:
>Fix:
diff -ruN rkhunter.bak/Makefile rkhunter/Makefile
--- rkhunter.bak/Makefile	Sun Jul 25 17:25:17 2004
+++ rkhunter/Makefile	Sun Jul 25 17:26:10 2004
@@ -1,12 +1,12 @@
 # New ports collection makefile for:	rkhunter
-# Date created:		15 May 2004
-# Whom:			Radim Kolar
+# Date created:		25 Jul 2004
+# Whom:			bugghy <bugghy at SAFe-mail.net>
 #
 # $FreeBSD: ports/security/rkhunter/Makefile,v 1.1 2004/05/15 14:00:59 krion Exp $
 #
 
 PORTNAME=	rkhunter
-PORTVERSION=	1.0.8
+PORTVERSION=	1.1.3
 CATEGORIES=	security
 MASTER_SITES=	http://downloads.rootkit.nl/
 
@@ -20,30 +20,19 @@
 NO_BUILD=	yes
 USE_REINPLACE=	yes
 
-PLIST_DIRS=	rkhunter/scripts rkhunter/db rkhunter/docs rkhunter/tmp rkhunter
-PLIST_FILES=	rkhunter/scripts/check_modules.pl \
-		rkhunter/scripts/check_port.pl \
-		rkhunter/scripts/filehashmd5.pl \
-		rkhunter/scripts/filehashsha1.pl \
-		bin/rkhunter \
-		etc/rkhunter.conf \
-		rkhunter/scripts/showfiles.pl \
-		rkhunter/db/backdoorports.dat \
-		rkhunter/db/mirrors.dat \
-		rkhunter/db/os.dat \
-		rkhunter/db/defaulthashes.dat \
-		rkhunter/db/md5blacklist.dat \
-		rkhunter/docs/CHANGELOG \
-		rkhunter/docs/README \
-		rkhunter/docs/WISHLIST
-
 MAN8=		rkhunter.8
 MANCOMPRESSED=	no
 
-pre-install:
-		${REINPLACE_CMD} -e "s,/usr/local,${PREFIX},g" ${WRKSRC}/installer.sh
 do-install:
-		cd ${WRKSRC} && ./installer.sh
+		cd ${WRKSRC} && ./installer.sh --installdir ${PREFIX}
 		${INSTALL_MAN} ${WRKSRC}/files/development/rkhunter.8 ${MAN8PREFIX}/man/man8
+.if !defined(NOPORTDOCS)
+		${MKDIR} ${DOCSDIR}
+		${INSTALL_DATA} ${WRKSRC}/files/CHANGELOG ${DOCSDIR}
+		${INSTALL_DATA} ${WRKSRC}/files/README ${DOCSDIR}
+		${INSTALL_DATA} ${WRKSRC}/files/WISHLIST ${DOCSDIR}
+.endif
+
+		@${SED} -e 's!PREFIX!${PREFIX}!g' ${.CURDIR}/pkg-message
 
 .include <bsd.port.mk>
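Review bot: Removing the `pre-install` substitution in this hunk leaves any `/usr/local` path in installer.sh that neither `--installdir ${PREFIX}` nor files/patch-installer.sh covers; `CHECKDIR="/usr/local"` is still visible as unchanged context in that patch, and the added PROBLEM file records a hard-coded docs path in `t18`. With a non-default PREFIX these would point at the wrong tree, so either keep the `${REINPLACE_CMD}` line or extend the patch to cover them. `USE_REINPLACE=yes` stays in the context above with no `${REINPLACE_CMD}` user left in this hunk and can probably go (Makefile lines 13-19 are not shown, so confirm). The message step would also be more robust as `@${SED} -e 's!PREFIX!${PREFIX}!g' ${PKGMESSAGE}` in a `post-install` target, since `${.CURDIR}/pkg-message` assumes the port is always built from its own directory.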
diff -ruN rkhunter.bak/PROBLEM rkhunter/PROBLEM
--- rkhunter.bak/PROBLEM	Thu Jan  1 00:00:00 1970
+++ rkhunter/PROBLEM	Sun Jul 25 16:49:31 2004
@@ -0,0 +1,8 @@
+1.         t18="See /usr/local/rkhunter/docs for more information. Run 'rkhunter'"
+		it's hardcoded (fbsd uses /usr/local/share/doc/rkhunter)
+
+2.
+
+-verwrite:showfiles.pl:/scripts/showfiles.pl:Directory%%viewer
++overwrite:showfiles.pl:/scripts/showfiles.pl:Directory%%viewer
+
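Review bot: PROBLEM reads like the maintainer's working notes rather than a port file, and adding it in this diff would commit it to the ports tree. Item 1 records that the `t18` string hard-codes `/usr/local/rkhunter/docs`, and item 2 is only a pasted diff fragment that files/patch-installer.sh already carries. Dropping the file from the submission and reporting the hard-coded docs path in the PR text or upstream would keep the port directory limited to files the framework uses.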
diff -ruN rkhunter.bak/distinfo rkhunter/distinfo
--- rkhunter.bak/distinfo	Sun Jul 25 17:25:17 2004
+++ rkhunter/distinfo	Sun Jul 25 16:12:01 2004
@@ -1,2 +1,2 @@
-MD5 (rkhunter-1.0.8.tar.gz) = bc1006d36e5b2674985c9396b5c46c95
-SIZE (rkhunter-1.0.8.tar.gz) = 77582
+MD5 (rkhunter-1.1.3.tar.gz) = 62271204de0fa0d2bf1b8489b1458dc7
+SIZE (rkhunter-1.1.3.tar.gz) = 98309
diff -ruN rkhunter.bak/files/patch-installer.sh rkhunter/files/patch-installer.sh
--- rkhunter.bak/files/patch-installer.sh	Thu Jan  1 00:00:00 1970
+++ rkhunter/files/patch-installer.sh	Sun Jul 25 17:19:51 2004
@@ -0,0 +1,86 @@
+--- installer.sh.orig	Sun Jul 25 16:20:28 2004
++++ installer.sh	Sun Jul 25 17:19:48 2004
+@@ -69,6 +69,7 @@
+           ;;
+       *)
+           echo "Wrong parameter"
++          exit
+ 	  ;;
+   esac
+   shift
+@@ -111,21 +112,18 @@
+ overwrite:check_port.pl:/scripts/check_port.pl:Portscanner
+ overwrite:filehashmd5.pl:/scripts/filehashmd5.pl:MD5%%Digest%%generator
+ overwrite:filehashsha1.pl:/scripts/filehashsha1.pl:SHA1%%Digest%%generator
+-verwrite:showfiles.pl:/scripts/showfiles.pl:Directory%%viewer
++overwrite:showfiles.pl:/scripts/showfiles.pl:Directory%%viewer
+ overwrite:backdoorports.dat:/db/backdoorports.dat:Database%%Backdoor%%ports
+ overwrite:mirrors.dat:/db/mirrors.dat:Database%%Update%%mirrors
+ overwrite:os.dat:/db/os.dat:Database%%Operating%%Systems
+ overwrite:defaulthashes.dat:/db/defaulthashes.dat:Database%%Default%%file%%hashes
+ overwrite:md5blacklist.dat:/db/md5blacklist.dat:Database%%MD5%%blacklisted%%files
+-overwrite:CHANGELOG:/docs/CHANGELOG:Changelog
+-overwrite:README:/docs/README:Readme%%and%%FAQ
+-overwrite:WISHLIST:/docs/WISHLIST:Wishlist%%and%%TODO
+ "
+ 
+ # Prefix: INSTALLDIR
+ INSTALLFILES2="
+-overwrite:rkhunter.conf:/usr/local/etc/rkhunter.conf:RK%%Hunter%%configuration%%file
+-overwrite:rkhunter:/usr/local/bin/rkhunter:RK%%Hunter%%binary
++overwrite:rkhunter.conf:/etc/rkhunter.conf.sample:RK%%Hunter%%configuration%%file
++overwrite:rkhunter:/bin/rkhunter:RK%%Hunter%%binary
+ "
+ 
+ # Create directories (only if they do not exist)
+@@ -134,10 +132,7 @@
+ ${INSTALLDIR}/etc
+ ${INSTALLDIR}/bin
+ ${INSTALLDIR}/lib/rkhunter/db
+-${INSTALLDIR}/lib/rkhunter/docs
+ ${INSTALLDIR}/lib/rkhunter/scripts
+-${INSTALLDIR}/lib/rkhunter/tmp
+-/usr/local/etc
+ "
+ 
+ CHECKDIR="/usr/local"
+@@ -345,8 +340,6 @@
+ 
+ 
+ # Clean active window
+-clear
+-
+ echo "${INSTALLER_NAME} ${INSTALLER_VERSION} (${INSTALLER_COPYRIGHT})"
+ echo $ECHOOPT "---------------"
+ echo "Starting installation/update"
+@@ -467,7 +460,7 @@
+   if [ -f ${INSTALLPREFIX}${CURFILE} ]
+     then
+       #error redirection in .rkhunter it's just for a clear display if user run not as root
+-      cp -f ${INSTALLPREFIX}${CURFILE} ${NEWFILE} 2> ~/.rkhunter.log
++      cp -f ${INSTALLPREFIX}${CURFILE} "${INSTALLDIR}/${NEWFILE}" 2> ~/.rkhunter.log
+       if [ $? -eq 0 ]
+         then
+ 	  echo $E "OK"
+@@ -482,10 +475,10 @@
+  
+ done
+ 
+-INSTALLDIRCHECK=`cat /usr/local/etc/rkhunter.conf | grep "INSTALLDIR="`
++INSTALLDIRCHECK=`cat $INSTALLDIR/etc/rkhunter.conf.sample | grep "INSTALLDIR="`
+ if [ "${INSTALLDIRCHECK}" = "" ]
+   then
+-    echo "INSTALLDIR=${INSTALLDIR}" >> /usr/local/etc/rkhunter.conf
++    echo "INSTALLDIR=${INSTALLDIR}" >> $INSTALLDIR/etc/rkhunter.conf.sample
+     echo "Configuration updated with installation path (${INSTALLDIR})"
+   else
+     echo "Configuration already updated."
+@@ -495,7 +488,7 @@
+ then
+ 	echo ""
+ 	echo $E "$t17"
+-	echo "$t18 (/usr/local/bin/rkhunter)"
++	echo "$t18 (${INSTALLDIR}/bin/rkhunter)"
+ else
+ 	echo ""
+ 	echo $E "$t19"
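Review bot: The `exit` added after `echo "Wrong parameter"` carries no status, so the script ends with the status of the preceding `echo`, which is 0; `do-install` runs `cd ${WRKSRC} && ./installer.sh --installdir ${PREFIX}` and would treat a rejected option as a successful install. `exit 1` makes the failure visible to the port build. Further down, `$INSTALLDIR` is unquoted in the `cat ... | grep` and `>>` lines although the patched `cp` line quotes it; `grep "INSTALLDIR=" "${INSTALLDIR}/etc/rkhunter.conf.sample"` would be consistent and drops the extra `cat`. The installer code these fragments belong to starts and ends outside the visible hunks.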
diff -ruN rkhunter.bak/files/patch-rkhunter.conf rkhunter/files/patch-rkhunter.conf
--- rkhunter.bak/files/patch-rkhunter.conf	Thu Jan  1 00:00:00 1970
+++ rkhunter/files/patch-rkhunter.conf	Sun Jul 25 17:23:54 2004
@@ -0,0 +1,11 @@
+--- files/rkhunter.conf.orig	Sun Jul 25 17:08:25 2004
++++ files/rkhunter.conf		Sun Jul 25 17:08:48 2004
+@@ -8,7 +8,7 @@
+ 
+ # Use a custom temporary directory (you can override it with the
+ # --tmpdir parameter)
+-#TMPDIR=/tmp
++TMPDIR=/tmp
+ 
+ # Use a custom database directory (you can override it with the
+ # --dbdir parameter)
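Review bot: Enabling `TMPDIR=/tmp` as the shipped default puts the working files of a scanner that is normally run as root into a world-writable directory, and the same update removes `${INSTALLDIR}/lib/rkhunter/tmp` from the directories installer.sh creates. How rkhunter creates those files is not visible here, so unless it is confirmed to use unpredictable names with exclusive creation, a private directory is the safer default. Keeping a root-owned, mode 0700 directory for the port and pointing TMPDIR at it would prevent other local users from pre-creating or symlinking the files. The rest of rkhunter.conf lies outside the hunk.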
diff -ruN rkhunter.bak/pkg-descr rkhunter/pkg-descr
--- rkhunter.bak/pkg-descr	Sun Jul 25 17:25:17 2004
+++ rkhunter/pkg-descr	Sun Jul 25 16:22:41 2004
@@ -12,3 +12,7 @@
 - Optional scan within plaintext and binary files
 
 WWW: http://www.rootkit.nl/ 
+
+- bugghy
+bugghy at SAFe-mail.net
+
diff -ruN rkhunter.bak/pkg-message rkhunter/pkg-message
--- rkhunter.bak/pkg-message	Thu Jan  1 00:00:00 1970
+++ rkhunter/pkg-message	Sun Jul 25 16:19:03 2004
@@ -0,0 +1,7 @@
+
+#############################################################################
+  Installed additional documentation in: PREFIX/share/doc/rkhunter
+  Copy PREFIX/etc/rkhunter.conf.sample to PREFIX/etc/rkhunter.conf
+#############################################################################
+
+
diff -ruN rkhunter.bak/pkg-plist rkhunter/pkg-plist
--- rkhunter.bak/pkg-plist	Thu Jan  1 00:00:00 1970
+++ rkhunter/pkg-plist	Sun Jul 25 17:12:09 2004
@@ -0,0 +1,19 @@
+etc/rkhunter.conf.sample
+bin/rkhunter
+lib/rkhunter/db/backdoorports.dat
+lib/rkhunter/db/mirrors.dat
+lib/rkhunter/db/os.dat
+lib/rkhunter/db/defaulthashes.dat
+lib/rkhunter/db/md5blacklist.dat
+lib/rkhunter/scripts/check_modules.pl
+lib/rkhunter/scripts/check_port.pl
+lib/rkhunter/scripts/filehashmd5.pl
+lib/rkhunter/scripts/filehashsha1.pl
+lib/rkhunter/scripts/showfiles.pl
+ at dirrm lib/rkhunter/scripts
+ at dirrm lib/rkhunter/db
+ at dirrm lib/rkhunter
+%%PORTDOCS%%%%DOCSDIR%%/CHANGELOG
+%%PORTDOCS%%%%DOCSDIR%%/README
+%%PORTDOCS%%%%DOCSDIR%%/WISHLIST
+%%PORTDOCS%%@dirrm %%DOCSDIR%%

>Release-Note:
>Audit-Trail:
>Unformatted:
 detection tool


